← All guides
securityprivacy

GoCools security model

Public security commitments and trust boundaries.

Trust boundaries

Public applications use HTTPS and application-layer authorization. Administrative access is private and protected by Cloudflare Access; production compute has no public SSH.

Credential handling

Credentials are stored in a secrets manager, scoped to the workload that needs them, and are never committed, embedded in public documentation, or emitted in logs.