Security
Enterprise-Grade Security
Your customers trust you with their data. We make sure that trust is earned with industry-leading security at every layer of the stack.
Encryption at Rest & In Transit
All data encrypted with AES-256 at rest. TLS 1.3 for every connection. API keys and secrets stored in AWS Secrets Manager — never in code.
Row Level Security (RLS)
32+ PostgreSQL RLS policies enforce tenant isolation at the database level. No tenant can ever access another tenant's data, even through SQL injection.
Zero-Trust Architecture
Every API request is authenticated and authorized. JWT-based auth with short-lived tokens, automatic rotation, and per-tenant scoping.
Infrastructure Isolation
Services deployed in private VPCs on AWS. No public database endpoints. Security groups restrict traffic to only what's necessary.
Audit Logging
Every action is logged — login attempts, data access, configuration changes, and API calls. Full audit trail for compliance reporting.
SOC 2 Path
Actively working toward SOC 2 Type II certification. Our security controls are designed to meet enterprise compliance requirements from day one.
Our Security Practices
The specific measures we take to protect your data and your customers.
- All credentials stored in AWS Secrets Manager, never in environment variables or code
- Automated dependency vulnerability scanning on every deployment
- Database backups encrypted and stored in a separate AWS region
- Rate limiting and DDoS protection via Cloudflare and AWS WAF
- Regular penetration testing and security reviews
- GDPR-compliant data processing with right-to-deletion support
- Multi-factor authentication available for all dashboard users
- Webhook payloads signed with HMAC-SHA256 for integrity verification