All API keys are encrypted at rest using AES-256-GCM, the same standard used by banks and government agencies.
Sessions are managed with signed JWT tokens stored in httpOnly cookies, preventing XSS attacks.
All data in transit is encrypted with TLS 1.3. No unencrypted connections are ever accepted.
Your data is stored on Neon PostgreSQL with encryption at rest, automated backups, and secure connection pooling.
We never sell, share, or monetize your data. Your content and credentials stay yours.
We regularly review our security practices and dependencies to ensure we stay ahead of vulnerabilities.
We appreciate responsible disclosure. If you've found a security issue, please report it to contact@vitalposts.inand we'll respond within 24 hours.