Security

Isolation enforced by the database

Security shouldn't depend on application code being perfect. KREO isolates every tenant at the PostgreSQL privilege level, so a bug in a query can never reach another customer's data.

Defense in depth

How we protect your data

Multiple independent layers, each enforced by the platform.

Per-tenant database roles

Each organisation runs under its own PostgreSQL login role, scoped to its own schema. Cross-tenant access is rejected by PostgreSQL itself — not by application code.

AES-256-GCM encryption

Integration secrets and credentials are sealed at rest with authenticated encryption, using rotatable keys.

Passkeys & MFA

WebAuthn passkeys and TOTP multi-factor authentication protect every account, with bcrypt password hashing as the baseline.

Hardened API keys

Keys are stored only as SHA-256 hashes, can be expired, and can be locked to specific CIDR ranges.

IP allowlisting

Restrict API access to trusted networks so a leaked key is useless from anywhere else.

Audit logging

Logins, key rotations and privileged actions are recorded with IP address and user agent.

Brute-force protection

Independent per-IP and per-account rate limits with constant-time password verification.

Secure sessions

Stateless, signed JWT sessions delivered over HTTP-only, Secure, SameSite cookies.

Responsible disclosure

If you believe you've found a security vulnerability in KREO, we want to hear from you. Email security@kreo.work with details and steps to reproduce. We investigate every report and will keep you updated on remediation.

Data residency

KREO's infrastructure is hosted in the European Union. Where data is transferred internationally, we use appropriate safeguards. See our Privacy Policy.

Build on a secure foundation

Multi-tenant isolation, encryption and MFA — included on every plan.