Tacto

Security

Last updated June 1, 2026

Security is foundational to Tacto. Because guides can contain screenshots of real systems, we design the product and our practices to keep that data protected.

Encryption

Data is encrypted in transit with TLS and encrypted at rest. Access to production systems is limited to authorized personnel and protected by strong authentication.

Access control

Workspaces isolate customer data. Within a workspace, roles and permissions control who can view and edit guides. Business plans add SAML SSO and audit logging for centralized control.

Redaction

To help you avoid exposing sensitive information, Tacto provides manual blur on any screenshot region and automatic PII redaction on Business plans. You control what is captured and published.

Infrastructure

We host on reputable cloud infrastructure with physical and network security controls, regular backups, and monitoring. We follow the principle of least privilege across our systems.

Responsible disclosure

If you believe you've found a security vulnerability, please report it to security@tacto.fyi. We investigate all legitimate reports and appreciate coordinated disclosure. Please give us a reasonable chance to remediate before any public disclosure.

Contact

Security questions or reports? Email security@tacto.fyi.