At Parallel Labs, we take the security of our systems and customer data seriously. We appreciate the security research community’s efforts in helping us maintain a safe environment.
Data Protections
- Data encryption at rest (AES-256)
- Encryption in transit (TLS 1.2+)
- LLM no training policy by default
- Zero Data Retention upon request
- Audit logging
- Automatic PII redaction in logs
Authentication & Access
- Single Sign-On (SSO)
- Multi-Factor Authentication (MFA) – Coming Soon (Jan 2026)
- Role-Based Access Control (RBAC)
- API key management
- JWT-based authentication
Infrastructure Security
- 99.9% uptime SLA
- Automatic backups
- DDoS protection
- Web Application Firewall (WAF)
- Auto-scaling infrastructure
Compliance & Governance
- CSA STAR Level 1
- Trusted Site
- GDPR/CCPA Compliant
- SOC 2 Type II partner infrastructure
Working Towards
- SOC 2 Type I (Planned 2026)
- ISO 27001 (Planned 2026)
- HIPAA (planned 2026)
Vendor Security Pages
Open Router (LLM Provider) https://trust.openrouter.ai
Google Vertex AI https://docs.cloud.google.com/vertex-ai/generative-ai/docs/vertex-ai-zero-data-retention
Supabase https://supabase.com/security
Digital Ocean https://www.digitalocean.com/trust/resources
Reporting a Vulnerability
If you believe you’ve discovered a security vulnerability in our products or services, we encourage you to report it to us responsibly.
How to Report
- Email: security@parallellabs.app
- PGP Key: Download our PGP key for encrypted communications
What to Include
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any proof-of-concept code (if applicable)
- Your contact information for follow-up
Our Commitment
- We will acknowledge receipt of your report within 48 hours
- We will provide regular updates on our progress
- We will notify you when the vulnerability is fixed
- We will credit you in our Hall of Fame (if desired)