Security-First Architecture

Security-first by design

Your credentials are sensitive. We built Vespine to protect them — with encryption, isolation, and zero plaintext storage.

How we protect your data

AES-256 Encryption at Rest

Your utility passwords are never stored in plaintext. We use AES-256 encryption — the same standard used by banks and government agencies — to protect credentials at rest.

TLS 1.3 in Transit

Every connection to Vespine uses TLS 1.3, the latest and most secure transport protocol. Data moving between your browser, our servers, and utility portals is always encrypted.

Zero Plaintext Storage

The moment you enter a credential, it's encrypted before storage. We use a secure vault architecture that isolates credentials from application code. Decryption only occurs in memory.

Strict Access Controls

Access to production systems is strictly limited. All access requires multi-factor authentication and follows the principle of least privilege. No single employee can access your credentials.

Complete Audit Logging

Every action in Vespine is logged: credential access, bill downloads, data exports. You have full visibility into what our system does with your accounts through your dashboard.

Incident Response Ready

We maintain documented incident response procedures and would notify affected customers promptly in the event of any security issue. Regular security reviews keep us prepared.

How we handle your credentials

From submission to usage, your credentials are always protected

  1. Submission: You enter credentials through our encrypted dashboard (HTTPS/TLS 1.3)
  2. Encryption: Credentials are encrypted with AES-256 before storage
  3. Storage: Encrypted credentials stored in isolated secure vault
  4. Usage: Credentials decrypted only in memory during automation runs
  5. Access: No human access to plaintext credentials — ever

What we never do

  • Store plaintext passwords
  • Share credentials with third parties
  • Access accounts for any purpose other than bill retrieval
  • Retain credentials after you disconnect an account

Infrastructure security

Where your data lives and how it's protected

  • Cloud Infrastructure: Hosted on secure cloud infrastructure (AWS/Vercel)
  • Data Residency: US-based servers
  • Redundancy: Multi-zone deployment with automatic failover
  • Backups: Encrypted backups with point-in-time recovery
  • Network Security: VPC isolation, WAF protection, DDoS mitigation
  • Monitoring: 24/7 automated threat detection

Compliance status

  • AES-256 Encryption: Implemented
  • TLS 1.3: Implemented
  • No Plaintext Credentials: Implemented
  • Audit Logging: Implemented
  • GDPR: Compliant
  • CCPA: Compliant
  • SOC 2 Type II: Available for Enterprise

Need SOC 2 or additional compliance?

For enterprise customers with specific compliance requirements, we can pursue SOC 2 certification or complete your security assessment process.

You're always in control

Disconnect anytime

Remove credentials instantly from your dashboard

View activity

See every bill download and data access

Manage access

Control which team members can view credentials

Export data

Download your data at any time

Delete account

Request complete data deletion

Audit trail

Complete history of all actions

Security FAQs

Who can see my utility passwords?

No one. Not even Vespine employees. Credentials are encrypted with keys that are not accessible to our team. Decryption only happens programmatically during automation runs.

What's your uptime and reliability?

Vespine maintains 99.5%+ platform uptime. For bill fetching, our success rate averages 98%+ across all providers. Failed fetches (usually due to utility portal outages) are retried automatically. You can monitor job status in real time from your dashboard.

Are you SOC 2 certified?

We implement SOC 2-aligned security controls (encryption, access controls, audit logging) but have not yet completed formal certification. For enterprise customers who require SOC 2, we can pursue certification as part of your engagement. Contact us to discuss your compliance needs.

What happens if Vespine is breached?

In the unlikely event of a breach, encrypted credentials would be useless to attackers without the encryption keys, which are stored separately with additional protection. We maintain incident response procedures and would notify affected customers promptly.

How do you handle security incidents?

We maintain documented incident response procedures and conduct regular security reviews. We would notify affected customers promptly in the event of any confirmed security issue.

Can I get a security questionnaire completed?

Yes. We're happy to complete your vendor security assessment, SIG, or CAIQ questionnaire. Contact us to get started.

Do you support MFA on utility accounts?

Yes. Our AI agents handle common 2FA methods (SMS codes, email codes, authenticator apps) automatically. For accounts with MFA, we securely manage the verification process.

What happens if a utility portal changes?

Our AI agents adapt to portal changes automatically — that's a key advantage over traditional scraping. When utilities update their websites, our agents figure out the new flow without manual intervention. In rare edge cases, we resolve the issue within 24 hours.

Security questions? Let's talk.

Our team is happy to walk through our security architecture or complete your vendor assessment.
