Skip to Content
Security & Privacy

Security & Privacy

Security and privacy are fundamental pillars of the Bytesalt platform. We designed Bytesalt with a security-first approach to ensure that your infrastructure, applications, and sensitive data remain protected at all times.

Secure Tunneling

Bytesalt allows you to test applications running in local development or internal staging environments without exposing them to the public internet.

  • Encrypted Connection: The Bytesalt tunnel establishes a secure, encrypted connection between your environment and our testing infrastructure.
  • No Inbound Ports: You do not need to open any inbound firewall ports. The tunnel client (part of the Bytesalt CLI) initiates an outbound connection.
  • On-Demand Access: Tunnels are only active during a test run and are terminated immediately upon completion or timeout.

For more details on setting up and using a tunnel, see the Tunnel documentation.

Data Protection

We employ industry-standard encryption and security practices to protect your data throughout its lifecycle.

In Transit

All connections between the Bytesalt CLI, your web browser, and our cloud infrastructure are secured using TLS 1.2 or higher. This ensures that command inputs, test results, and administrative actions are protected from interception as they travel across the public internet.

At Rest

Sensitive data is encrypted at rest using high-grade encryption such as AES-256. For instance, artifacts stored in our storage systems leverage server-side encryption.

Artifact Access Control

Test artifacts—such as screenshots, videos, and execution logs—contain vital information about your application’s behavior. Access to this data is strictly governed:

  • Role-Based Access Control (RBAC): Only authorized members of your organization can view test results and artifacts.
  • Time-Limited Signed URLs: Artifacts are served via secure, time-limited signed URLs. These links expire shortly after generation, preventing unauthorized long-term access.
  • Isolation: Your organization’s data is logically isolated from other customers. Agents operating on your behalf only have access to your specified environment and context.

Privacy & Isolation

Bytesalt is built to ensure complete isolation between different organizations. We use Resource Scoping to guarantee that AI agents are provisioned with access only to the specific resources and data relevant to the organization running the job, preserving a strict data boundary for every customer.

Last updated on
ReportsCommand Reference