Enterprise-grade security built into every layer of our infrastructure.
All media streams are encrypted with DTLS-SRTP. Signaling uses TLS 1.3. Data at rest is encrypted with AES-256.
Every participant requires a server-generated JWT token with scoped room permissions. No anonymous access possible.
Our edge network includes multi-layer DDoS mitigation, rate limiting, and automatic traffic anomaly detection.
Our infrastructure and processes are designed to meet SOC 2 Type II requirements for security, availability, and confidentiality.
Annual third-party penetration testing and continuous vulnerability scanning across all systems and SDKs.
Role-based access control (RBAC), audit logging, and API key rotation for all tenant accounts.
Found a vulnerability? We appreciate responsible disclosure.
Report security issues to our dedicated security team. We respond within 24 hours and offer recognition for valid reports.
Report a Vulnerability →