Security
Last updated June 1, 2026
Security is foundational to Tacto. Because guides can contain screenshots of real systems, we design the product and our practices to keep that data protected.
Encryption
Data is encrypted in transit with TLS and encrypted at rest. Access to production systems is limited to authorized personnel and protected by strong authentication.
Access control
Workspaces isolate customer data. Within a workspace, roles and permissions control who can view and edit guides. Business plans add SAML SSO and audit logging for centralized control.
Redaction
To help you avoid exposing sensitive information, Tacto provides manual blur on any screenshot region and automatic PII redaction on Business plans. You control what is captured and published.
Infrastructure
We host on reputable cloud infrastructure with physical and network security controls, regular backups, and monitoring. We follow the principle of least privilege across our systems.
Responsible disclosure
If you believe you've found a security vulnerability, please report it to security@tacto.fyi. We investigate all legitimate reports and appreciate coordinated disclosure. Please give us a reasonable chance to remediate before any public disclosure.
Contact
Security questions or reports? Email security@tacto.fyi.