Legal

Security

Last updated June 30, 2026

Security is foundational to how we build Glue42. This page summarizes the practices and controls in place today. It describes what is true now — not aspirational claims — and we update it as our program matures.

Access and data scoping

Data is scoped to your workspace, and access follows least-privilege principles so that people and systems only reach what they need.

Authentication

Glue42 is built to support enterprise single sign-on. Our access layer is SSO / SAML-ready so you can manage authentication through your own identity provider.

Audit logging and reversibility

Every autonomous action the agent takes is logged and attributable, and actions are designed to be reversible. This gives you a clear record of what changed, when, and why — and a way to roll it back.

Data protection

Data is encrypted in transit using TLS and is stored on managed cloud infrastructure that provides encryption at rest. We limit data collection to what the product needs to function.

Compliance posture

We follow recognized security practices and are working toward independent third-party attestations. We will publish them here once they are complete. Until then, we describe only the controls that are actually in place today.

Reporting a vulnerability

If you believe you have found a security issue, we want to hear from you. Please email security@glue42.ai with the details. We ask that you:

  • Give us a reasonable opportunity to investigate and remediate before any public disclosure.
  • Avoid accessing or modifying data that is not yours and avoid actions that could degrade the service for others.

Contact

Security questions or reports? Email security@glue42.ai.

Questions about this page? Contact us.