Security

How we keep your code and data safe.

Security isn't a bolt-on here, it's baked into the paved road. This is what the platform does for you by default, in plain language.

Where it lives

EU-hosted

Your apps and data run on managed infrastructure in the European Union. No surprise regions, no data quietly shipped elsewhere.

Isolation

Separated workloads

Each project runs in its own container with its own storage, under clear memory and CPU limits, so one app can't reach into another.

Secrets

Encrypted, never in source

API keys and config are stored as encrypted environment variables and injected at runtime, you never hard-code them into your repo.

Access

Scoped, revocable keys

Every access key and connection is scoped to a single project and can be revoked instantly. Revoking takes effect right away.

Auth by default

Nothing open by accident

Every route on a deployed app requires a key unless you deliberately make it public. You don't have to remember to lock things down.

Egress control

Outbound is locked down

An app can only reach the places you allow. A compromised or runaway process can't phone home, mine crypto or exfiltrate data.

In transit

HTTPS everywhere

Every app is served over HTTPS with a valid certificate, issued and renewed automatically. There's nothing to configure.

Abuse protection

Automatic brakes

Hard per-project limits and an automatic brake on abusive behaviour keep a single bad run from taking down the platform.

Sign-in

Trusted identity providers

People sign in with GitHub, Google or Microsoft. We don't ask you to create or manage another password.

Responsible disclosure

Found something?
Tell us.

If you believe you've found a security vulnerability, please report it to security@denkops.com before disclosing it publicly. Give us a clear description and steps to reproduce, and give us a reasonable window to investigate and fix it. We don't take legal action against good-faith security research that respects our users' data and doesn't disrupt the service.