Security at ChooChoo

Security is not an add-on; it's the core of our product. We protect your decision traces with the same rigor you apply to your production code.

Roadmap to Compliance

We are building ChooChoo with a security-first mindset from the ground up. While we are an early-stage company, we are actively laying the groundwork for enterprise-grade compliance. We are implementing industry-standard controls and will be pursuing SOC 2 and other certifications as we scale.

Data Encryption

  • At Rest: AES-256 encryption for all persistent data storage.
  • In Transit: TLS 1.3 for all data moving between your agents, the CLI, and our platform.

Access Control

We practice the principle of least privilege in our internal operations and product design.

  • Designed for Multi-Factor Authentication (MFA).
  • Audit logging for critical system access.
  • Strict role-based access control (RBAC) models.

Report a Vulnerability

If you believe you have found a security vulnerability in ChooChoo, please report it to us immediately. We take all reports seriously and will respond promptly.

Contact Security Team