Security

Security-First Design

Factory CLI (Droid) is built with security at its core. Your code stays secure through encrypted authentication, strict permissions, and enterprise-grade protections.

Key Security Features

Secure Authentication

OAuth login with encrypted token storage. Tokens auto-rotate every 30 days and are stored with OS-level file permissions.

Permission Controls

All risky operations require explicit approval. Configure tool permissions from allow/ask/reject per your security needs.

Data Encryption

All data encrypted in transit (TLS 1.3) and at rest (AES-256 with AWS KMS). Factory never trains on your code.

Local Execution

Shell commands and file edits run locally. Only necessary context and diffs are sent to Factory’s secure cloud.

Security Best Practices

Always review suggested code and commands before approval. You control what Droid can access and execute.

Essential Security Guidelines

Review before approving

Use isolated environments

Manage permissions carefully

Protect sensitive data

Built-in Protections

Factory CLI includes multiple layers of security:

Write access restriction: Can only modify files in the project directory and subdirectories
Command approval: Risky operations require explicit user confirmation
Prompt injection detection: Analyzes requests for potentially harmful instructions
Network request controls: Web-fetching tools require approval by default
Input sanitization: Prevents command injection attacks
Session isolation: Each conversation maintains separate, secure context

Enterprise Security

SSO & Identity

SAML 2.0 / OIDC single sign-on with SCIM provisioning and role-based access controls.

Data Governance

Zero data retention mode, customer-managed encryption keys (BYOK), and private cloud deployments.

Compliance

SOC 2 Type II certified, GDPR compliant, with regular penetration testing and supply chain security.

Audit & Monitoring

Complete session logging, OpenTelemetry metrics, and enterprise-managed security policies.

Need Help?

Security Questions

Email our security team: security@factory.ai

Trust Center

Visit trust.factory.ai for compliance documents, certifications, and security resources.

Report security vulnerabilities through our responsible disclosure program. Contact security@factory.ai for details.

Getting Started

User Guides

Configuration

Account

Security-First Design

Key Security Features

Secure Authentication

Permission Controls

Data Encryption

Local Execution

Security Best Practices

Essential Security Guidelines

Built-in Protections

Enterprise Security

SSO & Identity

Data Governance

Compliance

Audit & Monitoring

Need Help?

Security Questions

Trust Center

Getting Started

User Guides

Configuration

Account

​Security-First Design

​Key Security Features

Secure Authentication

Permission Controls

Data Encryption

Local Execution

​Security Best Practices

​Essential Security Guidelines

​Built-in Protections

​Enterprise Security

SSO & Identity

Data Governance

Compliance

Audit & Monitoring

​Need Help?

Security Questions

Trust Center

Security-First Design

Key Security Features

Security Best Practices

Essential Security Guidelines

Built-in Protections

Enterprise Security

Need Help?