Security built for engineering teams
Your code and test data stay yours. Here's how we protect it.
How BotGauge handles your code and data
We do not sell a compliance certification. We can tell you specifically what we do and do not do with your code, test data, and credentials.
Data encryption
All stored data is encrypted at rest using AES-256. All data in transit uses TLS 1.3. This includes test results, logs, and any credentials you pass as environment variables.
Isolated execution environments
Every test run executes in an ephemeral, isolated container. Containers are torn down after execution. No shared runtime state between tenants.
Access controls
RBAC for team permissions. SSO/SAML available on Enterprise plan.
Audit logs
Full audit trail for all test runs, access events, and configuration changes.
No source code stored
BotGauge does not persist your source code. The crawler reads your running app — it does not clone or cache your repository. Your intellectual property stays in your version control system.
Responsible disclosure
We operate a responsible disclosure program. If you find a vulnerability, email [email protected] with a description. We respond within 48 hours and disclose fixes publicly after remediation.
Security questions or vulnerability reports — email [email protected]. For Enterprise security reviews, contact us through the sales form.