Enterprise-Grade Security

Built from the ground up with security at every layer. Your data, your automations, your peace of mind.

Last updated: October 2025 SOC 2 Type II Certified

Infrastructure Security

Military grade encryption, isolated environments, and zero trust architecture protecting your data at rest and in transit.

  • TLS 1.3 encryption
  • AES-256 at rest encryption
  • Isolated runtime containers
  • DDoS protection & WAF

Access Control

Granular permissions and authentication controls ensuring only authorized users access your automations and data.

  • Scoped OAuth 2.0
  • Multifactor authentication
  • Role based access control
  • Session management

Monitoring & Auditing

Comprehensive logging and real time monitoring to detect anomalies and provide full visibility into every action.

  • Real time threat detection
  • Complete audit trails
  • Automated alerting
  • Security event logging

Vulnerability Management

Proactive security testing and rapid response protocols to identify and patch vulnerabilities before they become threats.

  • Weekly vulnerability scans
  • Penetration testing
  • Dependency monitoring
  • Bug bounty program

Compliance & Certifications

Meeting industry standards and regulatory requirements to earn your trust

SOC 2 Type II

Annual audits of our security controls and practices

GDPR Compliant

Full compliance with EU data protection regulations

CCPA Compliant

California Consumer Privacy Act adherence

HIPAA Ready

Healthcare data protection infrastructure in place

You're in Control

Powerful tools to manage your security and privacy settings

Full Transparency

See exactly what permissions each automation requests before installation. Review all scopes and data access in plain language.

Instant Revocation

Disconnect any service or automation instantly from your dashboard. Your connections, your rules—no waiting periods.

Activity Logs

Complete run history for every automation with detailed logs. Know exactly what happened, when, and why.

Security Dashboard Live
Google Drive Connected 2 weeks ago
Gmail Connected 5 days ago
Calendar Connected today

Responsible Disclosure Program

Security researchers and ethical hackers play a vital role in keeping Saros secure. We appreciate responsible disclosure and work closely with the security community.

1

Report

Email security@saros.app with vulnerability details and reproduction steps

2

Acknowledge

We'll confirm receipt within 24 hours and provide a timeline for investigation

3

Resolve

We'll work to patch the issue and keep you updated on our progress

4

Recognize

Public recognition and potential rewards for qualifying vulnerabilities

Guidelines

  • Do not access or modify user data without permission
  • Do not perform tests that could degrade service quality
  • Do not publicly disclose vulnerabilities before we've had a chance to fix them
  • Provide detailed reproduction steps and impact assessment

Incident Response

In the unlikely event of a security incident, we have a comprehensive response plan to protect our users and maintain transparency.

Detection & Assessment Immediate investigation and impact analysis
Containment Isolate affected systems and prevent further impact
Notification Inform affected users and relevant authorities per legal requirements
Resolution & Review Fix vulnerabilities and conduct post-incident analysis

Report a Security Concern

If you believe you've discovered a security vulnerability or have a security concern, contact us immediately.

security@saros.app
PGP key available for encrypted communications