Security Overview
Version 1.0 · May 2026
1BCEO is built on a security-first architecture. Because the platform runs in your infrastructure with your keys, the security model is clear: you are in control.
You Own the Keys
No credentials are bundled with the installer. Every API key and secret is provided by you during setup, stored in your environment, and never transmitted to our servers.
Your Infrastructure
In cloud mode, the platform runs in your GCP project — not ours. In local mode, everything stays on your machine. We have no access to your deployment.
Permission Engine
Every agent operates under explicit, configurable permissions. Agents cannot exceed their granted tool access. High-stakes actions require human approval.
Full Audit Trail
Every action, approval, and agent decision is logged immutably. You have complete visibility into what happened, when, and why.
Responsible Disclosure
If you discover a security vulnerability in 1BCEO, please report it responsibly to security@1bceo.com. We will acknowledge within 48 hours and keep you informed as we address the issue.
We ask that you give us reasonable time to fix the issue before public disclosure and that you do not access or modify data beyond what is necessary to demonstrate the vulnerability.