Security

Security you can explain to your board.

Dev Hugger is built with isolation, encryption, and clear governance so your projects and data stay yours.

This page is maintained by Dev Hugger to answer common security and privacy questions about the Dev Hugger platform. It describes enabled platform controls today and is not a certification. Some responsibilities are shared with you as the app owner and with your customers.
Secure project isolation

Each project runs in its own sandbox with isolated compute and storage.

Role-based access

Owners, editors, and viewers. Permissions scoped per project and workspace.

Audit logs

Every task, deploy, and access event is recorded and exportable.

Encrypted secrets

Secrets are encrypted at rest and only decrypted at execution time.

GitHub-safe export

Push to your own repo with your own credentials — no shared tokens.

Secure AI task execution

AI tasks run in ephemeral environments. No cross-project data access.

Deployment controls

Promote from staging to production explicitly. Rollback in one click.

Usage monitoring

Real-time visibility into what's running, who did it, and what it cost.

Enterprise governance

SSO, SCIM, VPC deployments, and custom data residency for regulated teams.

Data privacy

Your project data is yours. We do not train models on your content.

Compliance roadmap

Working toward SOC 2 and ISO 27001. Contact us for our current questionnaires.

Ready to build your next product?

Get 500 credits free. No card required. Ship your first app this week.