Twilio Programmable Video is based on the open standard WebRTC protocol. The security architecture is described here and the protocols used include TLS, DTLS, and SRTP. All communication between a Programmable Video client and the Twilio cloud is encrypted.
Each Participant in a Room has its own private key exchanged with the media server using DTLS 1.2/SRTP. All media published to or subscribed from the Room is transported through this secure connection. The encryption key exchange uses a technique known as Perfect Forward Secrecy (PFS).
In cases where TLS is required to establish the media path only TLS 1.2 is supported. The following is the supported cipher suite: