Cyber Security

Your security is our top priority.

  1. Home
  2. About CRYLO®
  3. Cyber Security

Cyber Security at CRYLO®

CRYLO® protects your account, your data, and your assets with industry-standard controls, continuous monitoring, and transparency.

How We Protect Your Account

Multi‑factor authentication (MFA). MFA is required for login and sensitive actions.

Device & session controls. We monitor unusual logins, allow you to view/terminate sessions, and flag risky activity.

Phishing protection. Clear domain allowlists, signed emails, and in‑app warnings to help you avoid impostors.

Learn More ->

CRYLO how we protect your account

How We Protect Your Data

Encryption. TLS 1.3 in transit, AES‑256 at rest. Keys are managed in secure vaults (e.g., AWS KMS).

Data minimization. We only collect what we need to run the service; nothing more.

Role‑based access (RBAC). Internal access is strictly limited and logged.

Find out more ->

CRYLO how we protect your data

How We Protect Your Funds

Depending on your region and product version, CRYLO® connects you either to your own wallet (non‑custodial) or regulated custodial partners (licensed where required) — see our Regulatory Status.. We do not comingle customer assets with company funds; custodians hold segregated accounts..

Withdrawal protections. Address allow‑listing, cool‑down periods, and human‑in‑the‑loop reviews for unusual requests.

Treasury controls. Company wallets use multi‑sig policies and segregated environments.

Protocol allowlists. DeFi access goes through vetted, risk‑scored integrations only.

Learn more ->

CRYLO how we protect your funds

Our Platform Security Standards

Zero‑trust network & segmentation. Production, analytics, and back‑office systems are isolated.

Secure SDLC. Code reviews, dependency scanning, and secrets management.

Monitoring & alerting. 24/7 observability with automated anomaly detection and on‑call escalation.

Backups & continuity. Encrypted backups, routine restore tests, and documented incident response.

Find out more ->

CRYLO platform security.avif

Smart-Contract & DeFi Safeguards

External reviews. We work with third‑party auditors for material smart‑contract components and follow OWASP/CIS best practices.

Transaction simulation. We simulate transactions (where supported) to preview expected outcomes and gas costs.

Kill‑switches & circuit breakers. We can disable specific adapters or reduce exposure if risk rises.

Register Now ->

CRYLO smart contract defi safeguards

Compliance & Transparency

We design CRYLO® to align with applicable frameworks in supported regions and work with regulated partners where required (e.g., KYC/AML via on‑ramp/custody providers). We never promise guaranteed returns and explain strategy risks in plain language.

Vulnerability Disclosure

Security researchers: we appreciate your help. If you believe you’ve found a vulnerability, please report it responsibly.

- Email: security (at) crylo.ai

- PGP key: on request

- Bounty: See our /security/bug-bounty page (when live)

Join the Waitlist
CRYLO Office

Cybersecurity Practices - What You Can Do Today

2FA

Turn on MFA or 2FA at least for your login.

Bookmark

Bookmark our official links and beware of DMs.

Password

Use a unique password and a password manager.

Secret

Never share recovery codes or MFA tokens with anyone.

Further Reading to Learn More

We publish monthly updates, the latest events in the financial world and news relating to digital assets.

Security isn’t a feature—it’s a habit.

We build CRYLO® with defense‑in‑depth, clear communication, and continuous improvement. If you ever have a security concern, contact us immediately or visit our help page. Stay updated and receive all our news.

smarter investing in crypto

Frequently Asked Questions

You probably have many questions related to cyber security. We answer the most important ones below.

CRYLO® works with non-custodial wallets and, depending on your region, regulated custodial partners. Customer assets are never comingled with company funds.

Never. We will never ask for your seed phrase, private keys, or one‑time MFA codes in email, chat, or phone calls. If you receive such a request, report it immediately.

We use address allow‑listing, MFA by default, cool‑down periods for sensitive actions, and multi‑sig treasury controls. Where custodians are involved, assets remain segregated and subject to their security controls.

We use encryption in transit (TLS 1.3) and at rest (AES‑256), role‑based access controls, secrets stored in secure key vaults, and a secure SDLC with code reviews and dependency scanning.

We don’t guarantee reimbursement for market losses. Some custodial partners may maintain crime/insurance coverage for specific events subject to their terms. This is not bank deposit insurance (e.g., not FDIC/FSCS). Coverage, if any, is limited by the custodian’s policy.

Yes - where supported, you can connect via WalletConnect/compatible bridges to keep keys in your hardware wallet while using CRYLO’s interface.

 
Cyber Security | CRYLO® Platform Protection