diff --git a/export/progress.md b/export/progress.md
index 029df2b..07b139b 100644
--- a/export/progress.md
+++ b/export/progress.md
@@ -8,12 +8,12 @@
 
 | Metrica | Valore |
 |---------|--------|
-| **Stato** | 🟢 Database & Models Completati |
-| **Progresso** | 15% |
+| **Stato** | 🟢 Security Services Completati |
+| **Progresso** | 20% |
 | **Data Inizio** | 2024-04-07 |
 | **Data Target** | TBD |
 | **Task Totali** | 74 |
-| **Task Completati** | 11 |
+| **Task Completati** | 16 |
 | **Task In Progress** | 0 |
 
 ---
@@ -52,12 +52,16 @@
 - [x] T10: Creare model ApiToken (SQLAlchemy) - ✅ Completato (2026-04-07 11:15)
 - [x] T11: Setup Alembic e creare migrazione iniziale - ✅ Completato (2026-04-07 11:20)
 
-### 🔐 Servizi di Sicurezza (T12-T16) - 3/5 completati
+### 🔐 Servizi di Sicurezza (T12-T16) - 5/5 completati
 - [x] T12: Implementare EncryptionService (AES-256) - ✅ Completato (2026-04-07 12:00, commit: 2fdd9d1)
 - [x] T13: Implementare password hashing (bcrypt) - ✅ Completato (2026-04-07 12:15, commit: 54e8116)
 - [x] T14: Implementare JWT utilities - ✅ Completato (2026-04-07 12:30, commit: 781e564)
-- [ ] T15: Implementare API token generation - 🟡 In progress
-- [ ] T16: Scrivere test per servizi di encryption
+- [x] T15: Implementare API token generation - ✅ Completato (2026-04-07 12:45, commit: 649ff76)
+- [x] T16: Scrivere test per servizi di sicurezza - ✅ Completato (test inclusi in T12-T15)
+
+**Progresso sezione:** 100% (5/5 task)
+**Test totali servizi:** 71 test passanti
+**Coverage servizi:** 100%
 
 ### 👤 Autenticazione Utenti (T17-T22) - 0/6 completati
 - [ ] T17: Creare Pydantic schemas auth (register/login)
diff --git a/src/openrouter_monitor/services/__init__.py b/src/openrouter_monitor/services/__init__.py
index e69de29..b898c7a 100644
--- a/src/openrouter_monitor/services/__init__.py
+++ b/src/openrouter_monitor/services/__init__.py
@@ -0,0 +1,44 @@
+"""Security services for OpenRouter Monitor.
+
+This package provides cryptographic and security-related services:
+- EncryptionService: AES-256-GCM encryption for sensitive data
+- Password hashing: bcrypt for password storage
+- JWT utilities: Token creation and verification
+- API token generation: Secure random tokens with SHA-256 hashing
+"""
+
+from openrouter_monitor.services.encryption import EncryptionService
+from openrouter_monitor.services.jwt import (
+    TokenData,
+    create_access_token,
+    decode_access_token,
+    verify_token,
+)
+from openrouter_monitor.services.password import (
+    hash_password,
+    validate_password_strength,
+    verify_password,
+)
+from openrouter_monitor.services.token import (
+    generate_api_token,
+    hash_token,
+    verify_api_token,
+)
+
+__all__ = [
+    # Encryption
+    "EncryptionService",
+    # JWT
+    "TokenData",
+    "create_access_token",
+    "decode_access_token",
+    "verify_token",
+    # Password
+    "hash_password",
+    "verify_password",
+    "validate_password_strength",
+    # Token
+    "generate_api_token",
+    "hash_token",
+    "verify_api_token",
+]