Data Encryption
How TrustCyber encrypts your data at rest and in transit.
TrustCyber employs industry-standard encryption to protect your security data at every layer of the platform. All data is encrypted both in transit and at rest using modern cryptographic standards.
Encryption in Transit
All communication between your browser, the TrustCyber application, and external services (including Microsoft Graph) uses TLS 1.2 or TLS 1.3. TrustCyber enforces HSTS (HTTP Strict Transport Security) with a minimum age of one year and is included in major browser HSTS preload lists.
Encryption at Rest
All data stored in TrustCyber's database is encrypted at rest using AES-256. Database encryption keys are managed using a Hardware Security Module (HSM) and rotated annually. Backup data is encrypted using the same AES-256 standard.
| Data Type | Encryption Standard | Key Management |
|---|---|---|
| Database records | AES-256 | HSM-managed, annual rotation |
| File storage (reports, exports) | AES-256 | HSM-managed |
| API keys | bcrypt (hashed, not stored in plaintext) | N/A |
| Session tokens | HMAC-SHA256 signed JWTs | Rotated every 24 hours |