Security

Enterprise-Grade Security

Your code and data security is our top priority. Zyro is built with security-first architecture and industry-leading practices.

Request Security ReviewContact Security Team

SOC 2 Type II

Independently audited security controls for service organizations

Certified

GDPR Compliant

Full compliance with European data protection regulations

Compliant

ISO 27001

Information security management system certification

In Progress

CCPA Compliant

California Consumer Privacy Act compliance

Compliant

Security Features

Comprehensive security controls protect your data at every layer.

Encryption at Rest

All data is encrypted using AES-256 encryption when stored in our databases and file systems.

Encryption in Transit

All data transmitted between your browser and our servers is protected with TLS 1.3 encryption.

Access Controls

Role-based access control (RBAC) ensures users only access data they need. SSO and MFA supported.

Audit Logging

Comprehensive audit logs track all user actions and system events for compliance and forensics.

Network Security

WAF, DDoS protection, and network segmentation protect against external threats.

Vulnerability Management

Regular penetration testing, vulnerability scanning, and responsible disclosure program.

How We Handle Your Data

Transparency about how your code and data are processed.

Code Processing

Code is never stored

Your code is processed in memory to generate test cases. We do not permanently store your source code.

Test Artifacts

You own your data

Generated test blueprints and scripts are stored encrypted and belong to you. Export or delete anytime.

AI Training

No training on your data

We never use your proprietary code or data to train our AI models. Models are trained on public/synthetic data.

Data Isolation

Tenant isolation

Each customer's data is logically isolated. Enterprise customers can opt for dedicated infrastructure.

Infrastructure Security

Built on enterprise-grade cloud infrastructure with multiple layers of protection.

Cloud ProviderAWS (US regions)
Data CentersSOC 2 certified facilities
Uptime SLA99.9% availability
Backup FrequencyContinuous with point-in-time recovery
Disaster RecoveryMulti-region failover
Incident Response24/7 monitoring and response

Responsible Disclosure Program

We value the security research community. If you discover a vulnerability, please report it responsibly.

Report

Email hi@thetagenlabs.ai with details

Response

We respond within 24 hours

Reward

Eligible for bug bounty rewards

Report a Vulnerability

Questions About Security?

Our security team is available to answer questions and provide additional documentation for enterprise security reviews.

Contact Saleshi@thetagenlabs.ai