SECURITY

Your events, protected at every layer.

Meshes is built with encrypted data handling, tenant and workspace isolation, and infrastructure designed to limit access to only what's needed for delivery, reliability, and support.

SECURITY PRINCIPLES

Built secure from day one

Encryption by default

Event data is encrypted in transit and at rest. Credentials and sensitive configuration are stored using encrypted secrets storage.

Tenant isolation at every layer

Meshes enforces tenant and workspace boundaries across data handling, access control, and delivery workflows, including multi-tenant scenarios where our customers serve their own customers through isolated workspaces.

Stored only as long as needed

Event payloads are retained for delivery, retry, replay, and dead letter handling within configured audit retention windows.

Secrets never in code

Integration credentials and signing secrets are kept out of source code and application logs and stored in encrypted systems.

HOW WE PROTECT YOUR DATA

Security at every layer

DATA HANDLING

What we store — and why

Meshes stores event payloads temporarily to route them, retry failed deliveries, support replay, and preserve failed deliveries for dead letter recovery. Event history availability is bounded by configured audit retention windows.

What we store

Event payloads
Delivery status and timestamps
Integration configuration and field mappings
Retry and dead letter metadata

What we do not store

Your application source code
Your database contents unless you send them in an event payload
User passwords from your app
Data you do not explicitly send to Meshes

Data flow

Your App → Sends event via SDK or API
Meshes Router → Receives and routes the event
Encrypted Storage → Retained for retry, replay, and failure handling
Destination Delivery → Delivered to configured downstream tools
Retention Window → Event history remains available within configured audit retention limits

ENCRYPTION

Protected in transit and at rest

Event data is protected from ingestion through delivery. Stored payloads and credentials are encrypted, and access is limited through system and authorization controls.

In Transit

HTTPS / TLS

At Rest

Encrypted storage

Isolation

Tenant and workspace boundaries

Secrets Storage

Encrypted secrets storage

INFRASTRUCTURE

Built on hardened cloud infrastructure

Meshes runs on US-based cloud infrastructure with controlled network paths, private service networking, and database-level authorization controls.

Cloud Infrastructure

Compute, storage, and networking run in a secured cloud environment.

Public Endpoint Protection

Public API and event endpoints use authenticated access paths, HTTPS, and org-level rate limiting.

Database-Level Authorization

Tenant authorization is enforced with database-level access controls and workspace-scoped permission checks.

US Data Residency

Customer data is processed and stored on infrastructure in the United States.

COMPLIANCE

Built with audit readiness in mind

Meshes is being built with formal security controls and audit readiness in mind. Some security and compliance milestones are planned but not yet complete.

SOC 2

Planned

Penetration Testing

Planned

GDPR Data Processor Model

Meshes processes Customer Data on behalf of customers.

Meshes does not claim current SOC 2 certification or completed third-party penetration testing on this page.

Report a vulnerability

If you discover a security issue, please report it responsibly.

SECURITY CONTACT

security@meshes.io

Ready to integrate with confidence?

Read the docs, send your first event, and see how Meshes handles the last mile securely.

Start Free Read the Docs

Free tier includes 100 events/month.

SECURITY

Your events, protected at every layer.

Meshes is built with encrypted data handling, tenant and workspace isolation, and infrastructure designed to limit access to only what's needed for delivery, reliability, and support.

SECURITY PRINCIPLES

Built secure from day one

Encryption by default

Event data is encrypted in transit and at rest. Credentials and sensitive configuration are stored using encrypted secrets storage.

Tenant isolation at every layer

Stored only as long as needed

Event payloads are retained for delivery, retry, replay, and dead letter handling within configured audit retention windows.

Secrets never in code

Integration credentials and signing secrets are kept out of source code and application logs and stored in encrypted systems.

HOW WE PROTECT YOUR DATA

Security at every layer

DATA HANDLING

What we store — and why

What we store

Event payloads
Delivery status and timestamps
Integration configuration and field mappings
Retry and dead letter metadata

What we do not store

Your application source code
Your database contents unless you send them in an event payload
User passwords from your app
Data you do not explicitly send to Meshes

Data flow

Your App → Sends event via SDK or API
Meshes Router → Receives and routes the event
Encrypted Storage → Retained for retry, replay, and failure handling
Destination Delivery → Delivered to configured downstream tools
Retention Window → Event history remains available within configured audit retention limits

ENCRYPTION

Protected in transit and at rest

Event data is protected from ingestion through delivery. Stored payloads and credentials are encrypted, and access is limited through system and authorization controls.

In Transit

HTTPS / TLS

At Rest

Encrypted storage

Isolation

Tenant and workspace boundaries

Secrets Storage

Encrypted secrets storage

INFRASTRUCTURE

Built on hardened cloud infrastructure

Meshes runs on US-based cloud infrastructure with controlled network paths, private service networking, and database-level authorization controls.

Cloud Infrastructure

Compute, storage, and networking run in a secured cloud environment.

Public Endpoint Protection

Public API and event endpoints use authenticated access paths, HTTPS, and org-level rate limiting.

Database-Level Authorization

Tenant authorization is enforced with database-level access controls and workspace-scoped permission checks.

US Data Residency

Customer data is processed and stored on infrastructure in the United States.

COMPLIANCE

Built with audit readiness in mind

Meshes is being built with formal security controls and audit readiness in mind. Some security and compliance milestones are planned but not yet complete.

SOC 2

Planned

Penetration Testing

Planned

GDPR Data Processor Model

Meshes processes Customer Data on behalf of customers.

Meshes does not claim current SOC 2 certification or completed third-party penetration testing on this page.

Report a vulnerability

If you discover a security issue, please report it responsibly.

SECURITY CONTACT

security@meshes.io

Ready to integrate with confidence?

Read the docs, send your first event, and see how Meshes handles the last mile securely.

Start Free Read the Docs

Free tier includes 100 events/month.