Hardened protocols for the Tulasi AI Engine.
All data in transit is protected using **TLS 1.3** with AES-256-GCM encryption. API communication between the frontend (Vercel) and the neural backend (Render) is strictly enforced over HTTPS with HSTS headers to prevent MITM attacks.
Our production databases (PostgreSQL) are siloed within a Private Virtual Cloud (VPC), unreachable from the public internet. Access is restricted to specific internal IP ranges used by our application instances, ensuring multiple layers of network isolation.
Tulasi AI utilizes industry-standard **JWT (JSON Web Tokens)** for session management. Passwords are never stored in plaintext; we use high-entropy salted hashing (**bcrypt** with adaptive cost factors) to protect user credentials against rainbow table and brute-force attacks.
For vulnerability disclosures or security-specific inquiries, please contact our founder directly via the Secure Channel.