🔐
Encryption
TLS 1.3 for all data in transit. AES-256 at rest. Passwords hashed with bcrypt + per-user salts.
🏗️
Tenant Isolation
Every account is isolated at the database level. Your data is never accessible by other tenants.
🔑
Authentication
JWT-based auth with httpOnly cookies to prevent XSS. Sessions expire automatically and are cryptographically signed.
🛡️
Infrastructure
SOC 2-compliant cloud hosting. Rate limiting, security headers (Helmet), and CORS policies on all endpoints.
📋
Audit Logging
Structured audit logs for all critical operations. Unusual activity is flagged automatically.
📴
Offline-First Safety
Atlas desktop data is stored locally and encrypted. Cloud sync uses end-to-end signed payloads.
Responsible Disclosure
Found a vulnerability?
We take all reports seriously and respond within 48 hours. Please disclose responsibly — we'll work with you to fix it.