Security
How we protect your data and your agents.
Data Encryption
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. Sensitive values like environment variables and secrets are encrypted before storage and never exposed in plaintext.
Infrastructure
Gallery runs on isolated per-agent microVMs (Firecracker), ensuring strong isolation between workloads. No two agents share the same execution environment. Infrastructure is hosted on hardened cloud providers with regular security audits.
Access Controls
Access to production systems is restricted to authorized personnel with multi-factor authentication required. All access is logged and audited. We follow the principle of least privilege throughout our engineering organization.
Authentication
User authentication is handled via secure, industry-standard protocols. Passwords are hashed using bcrypt. We support OAuth via Google and GitHub. Session tokens are short-lived and rotated regularly.
Your Data
Your agent configurations, task data, and conversation history belong to you. We do not use your private data to train AI models. Data is logically isolated per workspace — no cross-tenant access is possible.
Vulnerability Disclosure
If you discover a security vulnerability, please report it responsibly to security@gallery.dev. We take all reports seriously and will respond within 48 hours.
Contact
Security questions or concerns? security@gallery.dev