Security at Capy
SOC 2 compliant, isolated agent environments, scoped access.
How We Protect Your Code
Security controls span infrastructure, product workflows, and AI-provider data handling.
Infrastructure Security
Production systems use encryption in transit, encryption at rest where supported, access controls, monitoring, and change-management processes.
AI Provider Security
Capy does not use non-public customer code or Customer Content to train models that Capy develops or controls unless you explicitly opt in or separately agree in writing. Third-party provider processing is subject to provider terms.
Data Processing
Our Privacy Policy, DPA, and Subprocessors page describe what data is processed, why, and by which providers.
Vulnerability Reporting
We take security reports seriously and aim to acknowledge reports quickly. Report vulnerabilities to security@capy.ai.
FAQ
Common questions about security at Capy.
Is Capy SOC 2 compliant?+
How does Capy handle AI provider data?+
Where is my data processed?+
How do I report a security vulnerability?+
Ship with confidence
Security-conscious controls from day one. Start building with Capy today.