AzureProof Docs
security

Encryption at rest

AES-256 on the database; client secrets envelope-encrypted with a per-org KEK.

All AzureProof data is encrypted at rest with AES-256. Client secrets are additionally encrypted at the application layer with a per-organization key-encryption-key (KEK) before being stored.