Security at Musher
Security is built into the architecture — encryption, isolation, and integrity verification at every layer. Not bolted on after the fact.
How we protect your data
Specific controls, not vague promises.
Data Protection
- Encryption at rest and TLS 1.3 in transit
- Tenant isolation between organizations
- DDoS protection and rate limiting at the edge
Content Integrity
- OCI content signing with ECDSA P-256 keys
- Bundle integrity verification on every install
- Configurable trust policies per organization
- Content-addressed storage with SHA-256
Access Control
- Role-based access control (RBAC)
- Scoped API keys stored as cryptographic hashes
- Organization-level workspace isolation
- Audit logging for security-relevant actions
Responsible Disclosure
Found a vulnerability? Report it directly. We will not pursue legal action against good-faith security researchers.
[email protected]This page is informational and is not part of the Terms of Service. For binding commitments, refer to our legal documents.
Last updated: April 2026