Security
Security & trust
We treat your customers, deliveries, and financials like our own β because for our team, they are.
Encryption
AES-256 at rest. TLS 1.3 in transit. End-to-end on POD signatures.
Infrastructure
Hosted on AWS with multi-AZ failover. Daily encrypted backups, 30-day retention.
Access control
Role-based permissions. 2FA available. SSO for Enterprise. Audit logs everywhere.
Compliance
SOC 2 Type 2 in progress. GDPR-ready. FBR, ZATCA, UAE VAT certified.
Privacy
Tenant data isolated. No cross-tenant access. Data residency in your region.
Incident response
24/7 monitoring. Breach notification within 72h. Public status page at status.distroops.app.
Reporting a vulnerability
If you discover a security vulnerability, please email security@distroops.app with details. We respond within 24 hours and have a responsible disclosure policy.
We do not currently run a public bug bounty, but we recognize and credit responsible disclosure on our security acknowledgments page.