EnyosEnyos

Security

Trust is the product.

Enyos has access to a lot. We treat that access the way you would — carefully, with the smallest blast radius possible.

Local-first by design

Sensitive context stays on your device. You decide what leaves it and where it goes.

Encrypted end-to-end

TLS in transit. Keychain at rest. Per-integration scoped tokens you can revoke any time.

Minimal data, minimal retention

We store the least we can. Logs are scrubbed and rotated. Memory is yours to delete.

Our practices

  • All connections to Enyos services use TLS 1.3.
  • Tokens for third-party integrations are stored in the macOS Keychain.
  • We follow OWASP ASVS guidelines for the desktop app and the backend.
  • Dependencies are scanned continuously; patches are shipped within 7 days for high-severity CVEs.
  • We perform regular internal threat-modeling reviews on every major change.
  • Production access is gated behind hardware-backed SSO and audit-logged.

Responsible disclosure

If you've found a security issue, we want to hear from you. Please email us with a description, reproduction steps and any relevant artifacts. We aim to acknowledge within 24 hours and to coordinate a fix and disclosure timeline with you. We don't pursue legal action against good-faith security research.

[email protected]