Yes, Density enables data encryption by default with no extra configuration required.
- At rest: HTTPS/TLS 1.2
- In transit: AES-256 encryption
Density stores encryption keys in a secure Key Management System on a separate network with limited access and auditing. Keys and other secrets are never stored on the local filesystem but are delivered at process start time and retained only in memory while in use.