Security
Secrets management
How BonData stores credentials, encryption keys, and customer integration secrets.
BonData handles credentials in a way that minimizes plaintext exposure and removes long-lived credentials from any place they could be exfiltrated. All sensitive material, database credentials, message-broker credentials, model-provider API keys, application-layer encryption keys, and customer-supplied integration credentials, is stored in a managed secrets vault encrypted at rest, with access scoped to the specific service that needs it.