Secure access via SAML/SSO authentication. Role and group-based access control. Integrates with 3rd-party apps via OAuth2.

We employ vulnerability scanning, penetration testing, static analysis, and continuous supply chain monitoring.

To ensure availability, we enable availability zone switching, continuous data backup, 24/7 on-call platform team, and DDoS protection.

SOC 2 accreditation for security, availability, and confidentiality. Continuous compliance monitoring via Drata. Regular CWS reviews.

Data processed on-device. Source-available code for transparency (dual-licensed). Web application firewall, and continuous app security monitoring.

Data encryption in transit with HTTPS and at rest via AES-256, block-level. Keys securely managed by Heroku and Cloudflare.