Trust & Security
Your data and your customers' data is sacred. Here is how we protect it.
How we protect you
All data is encrypted in transit using TLS 1.3 and at rest using AES-256. We encrypt every byte, every time.
We are SOC 2 Type II certified, audited annually by an independent third party for security, availability, and confidentiality.
Hosted on AWS with multi-region redundancy. No single point of failure. 99.9% uptime SLA backed by our contract.
Role-based access controls, SSO support, and audit logs for every action taken in your workspace.
API keys and secrets are stored using industry-standard vaults. Keys are never logged or exposed in plaintext.
We conduct annual penetration tests with third-party security firms and address all critical findings immediately.
Compliance
TLS 1.3 for all data in transit
AES-256 encryption at rest
HTTPS enforced everywhere
SOC 2 Type II certified
Annual third-party penetration tests
Bug bounty program
GDPR and CCPA compliant
Role-based access controls
SSO / SAML support
Audit logs for all actions
Automated vulnerability scanning
99.9% uptime SLA
Bug Bounty
We believe that working with security researchers is essential to keeping our platform safe. If you discover a security vulnerability, we want to know about it.
Please report vulnerabilities to security@useruna.ai. We commit to acknowledging your report within 24 hours, keeping you informed of our progress, and rewarding valid findings through our bug bounty program.
Report a vulnerabilityOur security team is happy to answer any questions or provide documentation for your compliance review.