Outbound
Security & trust

Your media, protected by default

Security isn't a setting in Outbound — it's how the platform is built. Private assets, signed links, scoped access, and encrypted edge delivery come standard.

How we protect your media

Signed, expiring links

Download links are cryptographically signed (HMAC) and expire on a schedule you set — from minutes to a week.

Private by default

Assets are private drafts until you explicitly publish them. Nothing is public, or indexable, until you say so.

Account-scoped data

Every file, link, and metric is scoped to your account and enforced by a typed authorization layer on every request.

Scoped API keys

Issue and revoke per-environment API keys with built-in, per-key rate limiting and clear, auditable errors.

Edge-native delivery

Media is served from a global edge network with modern TLS, so traffic is encrypted in transit everywhere.

Idempotent billing

Payment and usage events are processed exactly once, so re-delivered webhooks never double-charge or corrupt state.

Reporting a vulnerability

Found a security issue? We want to hear from you. Email support@outbound.app with the details and we'll respond promptly. Please give us a reasonable window to investigate and remediate before any public disclosure.

Build on infrastructure you can trust

Private by default, signed links, and edge-native delivery — from your first upload.

Built withTanship