Enterprise Security

SOC2 ReadyMulti-Tenant RLS

Enterprise-grade security and compliance built into every layer of the stack

Security Layers

🌐

Network Security

VPC isolation
Private subnets
Security groups
WAF protection

🔐

Authentication

JWT RS256 tokens
OAuth 2.0 + OIDC
SAML 2.0 SSO
WebAuthn/Passkeys
MFA support

👥

Authorization

RBAC (Role-Based)
ABAC (Attribute-Based)
Tenant isolation
Row-Level Security

🔒

Data Encryption

AES-256 at rest
TLS 1.3 in transit
KMS key management
Field-level encryption

📋

Audit & Logging

CloudWatch Logs
CloudTrail events
Immutable audit trail
SIEM integration

✅

Compliance

SOC2 Type II ready
GDPR compliant
CCPA ready
HIPAA-ready architecture

Row-Level Security (RLS)

PostgreSQL Row-Level Security ensures complete tenant data isolation at the database level

Policy Creation

CREATE POLICY tenant_isolation ON events USING (tenant_id = current_setting('app.current_tenant_id')::uuid);

Context Setting

await dataSource.query('SET LOCAL app.current_tenant_id = $1', [tenantId]);

Automatic Filtering

All queries automatically filtered by tenant_id. No developer intervention required.

Zero-trust data isolation

Prevents cross-tenant leaks

Automatic enforcement

Audit trail for compliance

Compliance Status

SOC2 Type II

Ready

Controls implemented, audit in Q2 2025

Timeline: 6 months

GDPR

Compliant

Data residency, right to deletion, consent management

Timeline: Current

CCPA

Ready

California privacy compliance, opt-out mechanisms

Timeline: Current

ISO 27001

Roadmap

Information security management system

Timeline: 12 months

Security Deep Dive

Schedule a security review with Gaurav to discuss architecture, compliance roadmap, and penetration testing results