Security

MergeMesh is built for B2B teams handling sensitive brand and integration data. High-level practices include: role-based access to the dashboard, encryption for credentials and keys at rest, service-role isolation on the server, rate limiting on public APIs, and audit logging for governance-sensitive actions.

This page does not replace a formal security questionnaire or SOC report. For a detailed review, pen-test results, or responsible disclosure, contact your MergeMesh representative and reference your NDA.

Report suspected vulnerabilities through the channel provided in your contract or security@ contact on file — not via public GitHub issues.

Last updated: 2026-06-25