Security
We take security seriously.
Encryption
All data transmitted to and from APIFrame is encrypted using TLS 1.2+ (HTTPS). Sensitive data at rest, including API keys and credentials, is encrypted using AES-256. We follow industry best practices for key management and rotation.
Compliance
We are actively working toward SOC 2 Type II compliance. Our infrastructure is hosted on enterprise-grade cloud providers with ISO 27001 and SOC 2 certifications. We conduct regular security assessments and penetration testing to identify and address vulnerabilities.
Responsible Disclosure
If you discover a security vulnerability, we encourage you to report it responsibly. Please email security@apiframe.ai with details of the vulnerability. We commit to acknowledging your report within 48 hours and providing regular updates on our progress toward a fix.