Skip to main content
System Security

Protecting your infrastructure

RouterMCP is built and operated by the RouterMCP team. We design for secure defaults, defense‑in‑depth, and least privilege across product, platform, and operations.

TLS 1.3AES-256-GCMRBACAudit loggingSecrets isolation

Data Protection

All endpoints enforce TLS. Data is encrypted at rest where supported by our providers.

  • TLS for all traffic
  • At‑rest encryption for storage
  • Key/secret rotation procedures

Access Controls

Least privilege and isolation at the core of our infrastructure.

  • Project and environment isolation
  • Role‑based access (RBAC)
  • Per‑tool enablement and defaults

Policies & Guardrails

Programmable safety layers for your agent connections.

  • Rate limits and timeouts
  • IP allowlists
  • Request size and concurrency controls

Audit & Observability

Complete visibility into every tool call and configuration change.

  • Structured logs with latency and errors
  • Export to your SIEM (Enterprise)
  • Project‑level dashboards

Vulnerability Management

Regular scanning and patching to maintain a hardened surface.

  • Automated scanning and patching
  • Dependency updates and review
  • Hardened container images

Responsible Disclosure

Found a vulnerability? Please report it so we can investigate promptly.

  • Coordinated vulnerability disclosure
  • Prompt remediation timeline
  • Security hall of fame

Incident Response

Our team follows a rigorous incident management process including triage, containment, remediation, and post‑incident review with root‑cause analysis.

24/7 Security Coverage

Enterprise Compliance

SSO/SAML, SCIM, SIEM exports, and dedicated SLAs are available for Enterprise customers.

Effective date: October 3, 2025