Security First

You're trusting us with credentials to your most important data. Here's exactly how we protect them.

Zero-knowledge backup encryption AES-256-GCM at rest TLS in transit Zero credential logging Open source

Zero-Knowledge Backup Encryption

  • Optional AES-256-GCM per-connection backup encryption — backups are encrypted before leaving your server
  • Your backup password is never stored in plaintext; only a PBKDF2-derived key (100k iterations, SHA-256) is kept, itself encrypted with the master key
  • Even if your storage bucket (S3, MinIO, R2) is compromised, encrypted backups are unreadable without your password
  • We cannot recover your backup encryption password — zero-knowledge means zero access
  • Encrypted backups are transparently decrypted during 1-click restore; unencrypted backups continue to work unchanged

Credential Protection

  • AES-256-GCM encryption for all database passwords at rest
  • Credentials masked in the UI after saving — the plaintext never comes back
  • Credentials are never written to application logs
  • Passwords are decrypted in memory only at the moment a backup runs, then discarded
  • Separate ENCRYPTION_KEY from your database password — compromise one, not both

Data in Transit

  • All API communication served over HTTPS/TLS in production
  • Database connections use SSL where the target supports it
  • MinIO and S3-compatible storage connections use HTTPS
  • JWT tokens signed with HS256 and expire after 24 hours

Your Data, Your Control

  • We never read, scan, or process the contents of your backup files
  • Backup files land directly in YOUR storage bucket — we are only a conduit
  • Delete a connection and its credentials are permanently gone
  • Full audit log of every action: who did what, when, from which IP
  • Retention policies let you auto-delete old backups on your own schedule

Open Source & Self-Hostable

  • Fully open source — read every line of code on GitHub
  • Self-host on your own infrastructure with Docker Compose in under 5 minutes
  • No vendor lock-in: your data stays in the storage bucket you already own
  • Don't trust us? Run it yourself and never send us a single credential

Compliance Ready

  • Generate signed PDF compliance reports for any date range, on demand
  • Audit logs provide a complete immutable trail for SOC 2 / ISO 27001 reviews
  • Backup verification confirms integrity without touching production data
  • Anomaly detection flags unusual backup sizes before they become incidents

Responsible Disclosure

  • Found a vulnerability? Email [email protected]
  • We triage all security reports within 48 hours
  • We will never take legal action against good-faith security researchers
  • Critical fixes are patched and released as a priority