End-to-End Encryption
Secure Encryption with no access to your secrets
ENV is built for developers ❤️ but with enterprise features such as Access Log, Rotating an Encryption Key, and end-to-end encryption, ensuring it can be deployed in any environment.
No Access to Your Secret Key
All of your .env files are stored fully encrypted using a local secret key that Hyphen never has access to. Both encryption and decryption happen locally, ensuring that your .env files and the secrets they contain are never accessible by Hyphen.
Secure Network with Authentication
Not only are your files encrypted locally, but all data is transferred over SSL-encrypted connections and stored fully encrypted at rest.
ENV includes robust user and API key authentication by default, with full Access Log audits on every push and pull request.
For additional security enabling IP Access Rules to ENV overriding authentication that does not match the IP address access rules.
Why Aren't Our Secrets Visible in the Dashboard?
As we’ve emphasized, the reason we don’t display secrets in the dashboard is that we have no access to your application’s secret key. Everything remains fully encrypted and out of Hyphen’s reach.
Updated about 1 month ago