Back to Home

Security

At RunAgent, security is our top priority. We implement industry-leading practices to protect your AI agents and data.

Infrastructure Security

  • Secure, isolated containers for each deployed agent
  • Network segmentation and firewall protection
  • Regular security patches and updates
  • DDoS protection and rate limiting
  • 24/7 infrastructure monitoring and alerting
  • Automated backup and disaster recovery systems

Data Encryption

  • In Transit: TLS 1.3 encryption for all data transmission
  • At Rest: AES-256 encryption for stored data
  • API Keys: Securely hashed and never stored in plaintext
  • Secrets Management: Encrypted environment variables and secure key storage
  • Database Encryption: Full database encryption with regular key rotation

Access Control

  • Multi-factor authentication (MFA) support
  • Role-based access control (RBAC) for team management
  • API key authentication with fine-grained permissions
  • Session management with automatic timeout
  • IP allowlisting and restriction capabilities
  • OAuth 2.0 integration for enterprise authentication

Compliance & Auditing

  • Regular third-party security audits and penetration testing
  • SOC 2 Type II compliance (in progress)
  • GDPR and CCPA compliant data handling
  • Comprehensive audit logs for all system activities
  • Regular vulnerability scanning and remediation
  • Annual security certifications and assessments

Agent Isolation

  • Each agent runs in its own isolated container
  • Resource limits to prevent resource exhaustion
  • Network isolation between agents
  • Secure by default configurations
  • Automated vulnerability scanning of agent dependencies
  • Sandboxed execution environments

Incident Response

We have a comprehensive incident response plan that includes:

  • 24/7 security monitoring and alerting
  • Rapid response team for security incidents
  • Clear communication protocols for affected users
  • Post-incident analysis and remediation
  • Regular incident response drills and training

Best Practices for Users

We recommend the following security practices when using RunAgent:

  • Enable multi-factor authentication on your account
  • Use strong, unique passwords
  • Regularly rotate API keys and credentials
  • Review and limit team member permissions
  • Keep your agent dependencies up to date
  • Monitor your agent logs for suspicious activity
  • Use environment variables for sensitive configuration
  • Follow the principle of least privilege

Reporting Security Issues

If you discover a security vulnerability in our platform, please report it responsibly. We appreciate the security research community's efforts to keep RunAgent secure.

Report a Vulnerability

Please email security concerns to:

security@run-agent.ai

We aim to respond to all security reports within 24 hours and will work with you to understand and address the issue promptly.

Security Updates

We regularly update our security measures and will communicate significant security updates through:

  • Email notifications to all users
  • Security advisory page on our website
  • Status page updates
  • In-app notifications for critical updates