Security
Security at Vem.ai is shipped, not promised. Here is the posture and the proof.
Encryption
Workspace contents and project artefacts are encrypted at rest with AES-256 and in transit with TLS 1.3.
Sandboxed execution
Every agent action — terminal commands, code execution, deploys — runs in a per-project ephemeral sandbox with no cross-tenant access.
Secrets handling
Customer secrets (API keys, deploy tokens) are stored in a hardware-backed KMS and decrypted only inside the sandbox that needs them.
Night-Watch monitoring
The same workforce that ships your code monitors it. Anomalies trigger automated incident response with full audit trails.
Disclosure
security@vem.ai · We respond within 24 hours and credit responsible reporters in the changelog.