Security & Trust

You're handing us the keys
to your clients' sites

So here is exactly how we protect them — encrypted credentials, no passwords, a governed and audited action engine, EU data residency, and privacy-law-grade consent. Everything below is true today. Where we're still working, we say so.

How your data and sites are protected

Credentials encrypted with AES-256-GCM

Every provider API key and token you store is encrypted at rest with AES-256-GCM before it touches the database — never in plaintext. Keys are versioned by key-ID so they can be rotated, and a separate SHA-256 hash lets us validate a credential without ever decrypting it.

No passwords to steal

Sign-in is Google OAuth or a one-time email magic link — there is no interactive password to phish, reuse, or leak. Sessions are database-backed, optional TOTP two-factor is available, and auth cookies are scoped host-only per subdomain so the app and admin surfaces never share a session.

Governed, not fire-and-forget

Aura's action engine is governed. Mutating actions are risk-classified and approval-gated by default, higher-risk writes require explicit human sign-off before they touch a live site, and every action is recorded — who or what asked, who approved, and exactly what ran. On WordPress, each write carries a single-use, scoped grant the on-site plugin can enforce.

Your data stays in the EU

Your account and resource data is stored in the European Union — in Neon's EU (Frankfurt) region — and the Aura app that serves it runs in the same EU region (fra1), co-located with the database.

Built for GDPR & Israel Amendment 13

Consent is captured the way the law requires: separate, unchecked-by-default choices for privacy and for marketing, with marketing strictly opt-in and never a condition of signing up. Cookie consent is honored, and you can review or withdraw your choices at any time.

Least-privilege, open-source agent

SiteAgent connects with its own scoped token by default — not your WordPress admin password. Any credentials it does store are encrypted at rest with AES-256-GCM. It's free and open-source on wordpress.org and GitHub, so you can read exactly what it does. Row-level security is enabled on every database table as defense-in-depth on top of application-level tenant isolation.

Where we stand on compliance

We won't claim a certification we don't hold. Here's the honest status — what's in place, and what's still in progress.

  • GDPR-aligned data handlingIn place
  • Israel Privacy Protection Amendment 13 consentIn place
  • Encryption at rest for all provider credentialsIn place
  • SOC 2Readiness in progress — not certified
  • Independent third-party penetration testOn the roadmap

Found a vulnerability?

We'd rather hear it from you than from an attacker. Report a security issue and we'll work with you to fix it — no legal threats for good-faith research.