loading broccoloading broccoloading broccoSecurity and trust
Brocco is the runtime your security team can sign off on. Encryption, access control, and audit trails wired in by default. BYOK keeps your data in your hands.
Audit in progress. Full controls implemented across access, change-management, monitoring, and incident response. Final report on request.
Compliant since launch. DPA available. EU data hosted on Vercel and Hetzner Frankfurt (DE) regions. Data subject rights honored within 30 days.
AES-256 at rest, TLS 1.3 in transit. Secrets managed by Vercel + 1Password. No customer data ever leaves the encrypted tier.
On paid plans, brocco calls Anthropic with ZDR enabled by default. We never store prompts after a run completes. Audit logs are JSONL, owned by you.
Bring your own Anthropic / OpenAI / Ollama key. On free tier, prompts go directly from your browser to your provider. We never see them.
Run brocco on Hetzner, Vercel, or your own laptop. Enterprise gets a Helm chart, air-gap-compatible Docker image, and SSO/SCIM out of the box.
Found something? Email security@brocco.dev. We respond within 1 business day and have a bounty program for verified critical issues.
All systems operational. We post incidents to the changelog and email paid customers within the hour.
brocco runs your business while you sleep. 100 agent runs free, every month, forever. no card.