Security is the boring foundation under everything Natoify does. Here's how we approach it, in plain English.
Encryption
- All traffic uses TLS 1.2+.
- Database at rest is encrypted with AES-256.
- Your bring-your-own-key API secrets are additionally encrypted column-level with pgcrypto using a key only the database can read.
Access control
Every table is protected by Row-Level Security. A signed-in user can only ever see their own rows. The only code paths that bypass RLS are server-side functions running with the service role, audited line by line.
Agent boundaries
The agent runner enforces a 3-run concurrency cap per user, validates every tool call, and refuses to ship credentials back to the model. Sensitive tools (send_email, scrape_url) require an explicit BYOK key — we never silently use a shared one.
Audit log
Every external MCP call is recorded in mcp_audit_log with timestamp, tool name, latency, and outcome. Pro and Team can export the log on demand.
Compliance roadmap
- SOC 2 Type I — in progress, target Q4 2026.
- GDPR / UK GDPR — already compliant.
- EU and US data residency available.
Reporting a vulnerability
Email security@natoify.com. We respond within one business day and credit researchers in our changelog with their permission.