# Data encryption
<a name="data-encryption"></a>

**Topics**
+ [

# Encryption at rest
](encryption-at-rest.md)
+ [

# Encryption in transit
](encryption-in-transit.md)
+ [

# Key management
](key-management.md)

# Encryption at rest
<a name="encryption-at-rest"></a>

 Data is encrypted at rest using transparent server-side encryption. This helps reduce the operational burden and complexity involved in protecting sensitive data. With encryption at rest, you can build security-sensitive applications that meet encryption compliance and regulatory requirements. 

# Encryption in transit
<a name="encryption-in-transit"></a>

 Data gathered and accessed by AWS Security Incident Response is exclusively over a Transport Layer Security (TLS) protected channel. 

# Key management
<a name="key-management"></a>

AWS Security Incident Response implements integrations with AWS KMS to provide encryption at rest for case and attachment data.

AWS Security Incident Response does not support customer managed keys.