Trust

Security

Security is architectural, not bolted on.

Multi-Tenant Isolation

  • PostgreSQL RLS on every tenant-scoped table, FORCE RLS enabled
  • API requests bound to authenticated tenant context
  • No shared data surfaces — cross-tenant access is architecturally prevented
  • Tenant-scoped integration keys with cryptographic isolation

Authentication

  • RS256 JWT with short expiry via token exchange
  • Integration key token exchange (one-time-reveal secrets)
  • Guest session tokens (gst_ prefix) for discovery audits
  • Rate limiting per tenant and endpoint family
  • Self-serve signup with OTP email verification

Data Protection

  • TLS 1.2+ in transit for all connections
  • Encryption at rest via infrastructure provider controls
  • Integration key secrets hashed after one-time reveal
  • Webhook HMAC signature verification
  • No plaintext secrets in code or logs

API Hardening

  • UUID input validation on all resource endpoints
  • Parameterized queries via Prisma ORM (no raw SQL injection)
  • File upload validation (type, size, content)
  • CORS allowlist enforcement for approved origins
  • Sensitive field redaction in API logs

Operations

  • Immutable audit trail (append-only value events)
  • Reference data change log with full history
  • Operational runbooks for incident response, billing controls, and rollback
  • Environment drift detection across staging and production
  • Canary monitoring with SLO-based alerting

Billing Security

  • Stripe PCI DSS compliant payment processing
  • No card numbers stored in RGL8R — Stripe handles all card data
  • Webhook signature verification for billing events
  • Idempotent event processing to prevent duplicate charges

Compliance Posture

Responsible Disclosure

If you discover a security vulnerability, please report it to security@rgl8r.com. We respond within 48 hours.

Trust & Support DocsPrivacy PolicyTerms of Service