Security tools require absolute trust. Here is exactly how Erzo handles your code, your data, and your privacy.
Erzo only requests read-only access to your repositories. We cannot push, modify, or delete your source code. Our GitHub App strictly adheres to the principle of least privilege.
Your source code is cloned into ephemeral, isolated memory spaces. Once a scan completes—which takes seconds—the repository is immediately wiped. We do not train AI models on your code.
All data transmitted to and from Erzo is encrypted in transit using TLS 1.3. Any persisted metadata (such as vulnerability reports) is encrypted at rest using AES-256 in our secure Supabase infrastructure.
Erzo's internal controls around security, availability, and processing integrity are designed to meet strict enterprise standards for software supply chains.