Gumstack is built for enterprise IT and security teams. Every layer of the platform, from infrastructure to application code, is designed to keep your data, credentials, and API traffic secure. This section covers the security properties that matter most when evaluating Gumstack for your organization.

Security at a glance

| Area | Implementation |
| --- | --- |
| Encryption at rest | Google Cloud KMS (AES-256-GCM) for all secrets, credentials, and environment variables |
| Encryption in transit | TLS 1.2+ on all external traffic, Google-managed certificates |
| Container isolation | gVisor kernel-level sandboxing, dedicated Kubernetes namespace, strict network policies |
| Authentication | OAuth 2.0 with PKCE (S256), RS256 JWT tokens, Firebase identity |
| Authorization | Per-request RBAC checks, permission groups, tool-level access control |
| Credential storage | KMS-encrypted, per-user scoped, never exposed in API responses |
| Activity logging | Every tool call logged with full inputs, outputs, latency, and status |
| Audit logging | 50+ event types covering admin actions, credential changes, and access modifications |
| Org isolation | Enforced at every API layer. One org cannot access another’s servers, data, or credentials |
| Secret redaction | Secrets are redacted from runtime logs, error messages, and API responses |

Key principles

Everything is encrypted

All sensitive data is encrypted using Google Cloud KMS before being stored in the database. This includes environment variables, OAuth tokens, API keys, and user credentials. The encryption key is managed in KMS (agenthub-keyring/secrets-values-key) and never leaves Google’s infrastructure. All external traffic uses TLS 1.2+ with Google-managed certificates. HTTP requests are automatically redirected to HTTPS.

Every server is isolated

Each MCP server runs in its own container with gVisor sandboxing, which intercepts all system calls at the kernel level. Servers are deployed in a dedicated Kubernetes namespace with network policies that block all private IP traffic, preventing lateral movement between servers or access to internal services. Customer code has no cloud credentials. All GCP operations are proxied through the Gumstack backend API.

Access is verified on every request

There is no caching of permission checks. Every tool call goes through:
  1. Token validation against the Gumstack backend
  2. RBAC check against the user’s permission group and tool access matrix
  3. Activity logging with full request details
Changes to permissions take effect immediately on the next request.
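
The three-step flow above, sketched as an added example (this is not Gumstack's code). The `Gateway` class, its in-memory stores and the `Denied` exception are hypothetical stand-ins for the backend, and recording denied attempts in the activity log is an assumption.

```python
import time
from dataclasses import dataclass, field


class Denied(Exception):
    """Token validation or the RBAC check failed."""


@dataclass
class Gateway:
    # In-memory stand-ins (assumptions) for the backend's stores.
    tokens: dict = field(default_factory=dict)    # token -> user id
    groups: dict = field(default_factory=dict)    # user id -> permission group
    matrix: dict = field(default_factory=dict)    # group -> set of allowed tools
    activity: list = field(default_factory=list)  # append-only activity log

    def call_tool(self, token, tool, inputs, handler):
        start = time.monotonic()
        user, status, output = None, "denied", None
        try:
            # Step 1: validate the token on this request.
            user = self.tokens.get(token)
            if user is None:
                raise Denied("invalid token")
            # Step 2: read the group and tool matrix live. Nothing is
            # memoized, so an admin change applies to the very next call.
            allowed = self.matrix.get(self.groups.get(user), set())
            if tool not in allowed:
                raise Denied(f"{user} may not call {tool}")
            status = "error"  # past the checks: a failure now is the tool's
            output = handler(**inputs)
            status = "ok"
            return output
        finally:
            # Step 3: log every attempt with inputs, output, latency and
            # status. The bearer token itself is never written to the log.
            self.activity.append({
                "user": user, "tool": tool, "inputs": inputs,
                "output": output, "status": status,
                "latency_ms": (time.monotonic() - start) * 1000,
            })
```

Because the lookup in step 2 runs on every call, removing a tool from a group denies the next request from a token that was accepted a moment earlier.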

Credentials never leave the server

User credentials (OAuth tokens, API keys) are stored encrypted in the database and decrypted only at the point of use within the server. They are never sent to MCP clients, never included in API responses, and never written to logs.

Detailed documentation

Infrastructure Security

Hosting, container isolation, network architecture, TLS, build pipeline, and scaling

Data Protection

Encryption, secrets management, credential handling, logging, audit trails, and privacy

Permission Groups

RBAC configuration, tool access control, and group management

Authentication

OAuth, API Key, and No Auth methods for MCP servers