Great question. In the web agent case, we solely use HTTPS, and only between resources we either directly control (our servers), or whitelisted customer websites where we connect on HTTPS. An HTTP connection would fail the call stack, as would visiting a non-whitelisted link. A lot of our work happens away from the browser (in APIs and data stores), where we encrypt at rest and in motion.
Great question. In the web agent case, we solely use HTTPS, and only between resources we either directly control (our servers), or whitelisted customer websites where we connect on HTTPS. An HTTP connection would fail the call stack, as would visiting a non-whitelisted link. A lot of our work happens away from the browser (in APIs and data stores), where we encrypt at rest and in motion.
same question for HIPAA compliance