Logic64
Security

Built with security at every layer.

Security is not a feature in Logic64 — it’s a design constraint. From process isolation in the AI engine to payment tokenization, every layer is built to minimize risk surface.

TLS 1.3
AES-256 at rest
PCI DSS via Stripe
SOC 2 Compliant Auth

Security Architecture

Data Encryption

All connections use TLS 1.3. Your workspace data and project specs are stored encrypted at rest via AES-256 hardware-level encryption. Payment data never touches our servers.

Authentication

Identity managed by a SOC 2 certified provider — we never store passwords. Sessions use short-lived JWT tokens. Refresh tokens are rotated on use. MFA is available on all accounts.

Process Isolation

Every AI generation runs in an isolated subprocess (multiprocessing.Process). No shared memory between user requests. Temp directories are scoped per-job and purged on completion.

Payment Security

Payments processed exclusively by Stripe (PCI DSS Level 1 certified). We store only a tokenized reference — no card numbers, CVVs, or full billing addresses on our systems.

Access Control

Role-based access on every API endpoint. Workspace data is strictly scoped to the owning account at the database query level — cross-tenant data leakage is architecturally impossible.

Dependency Security

Automated CVE scanning on every build. Critical vulnerabilities patched within 48 hours. Minimal dependency surface — no LangChain, no agent frameworks, no heavy ML runtimes in the API path.

Found a vulnerability?

We operate a responsible disclosure program. If you discover a security vulnerability in Logic64, please report it privately before any public disclosure. We commit to acknowledging every report within 24 hours and resolving critical issues within 72 hours.

We do not currently operate a paid bug bounty program, but we deeply appreciate responsible researchers and will credit your disclosure publicly with your permission.

security@logic64.com →

Trusted Infrastructure

Primary Database

Serverless PostgreSQL

Encrypted at rest, isolated per-project connection strings, automatic backups.

Distributed Cache

Job queue & caching

TLS-only connections, short TTL on job records, no persistent user data.

Identity Provider

Identity & authentication

SOC 2 Type II certified. We never receive raw credentials.

Stripe

Payment processing

PCI DSS Level 1 — the highest level of payment security certification.

Edge Network

Cloud infrastructure

Automatic HTTPS, DDoS protection, global content delivery with advanced PoPs.

Security questions, audit requests, or compliance documentation?

security@logic64.com