Hard multi-tenant isolation
Every query is tenant-scoped; cross-tenant access returns "not found" rather than "forbidden" — eliminating resource enumeration by design. Admin surfaces use a separate authorization channel.
In July 2026 OctoReport completed an acquisition-grade security audit: 0 Critical and 0 High findings. Here is how we protect your data.
Every query is tenant-scoped; cross-tenant access returns "not found" rather than "forbidden" — eliminating resource enumeration by design. Admin surfaces use a separate authorization channel.
All third-party API keys and mailbox credentials are stored under AES-256-GCM, decrypted only at point of use. Logging auto-redacts sensitive fields — plaintext secrets never reach logs.
Admin actions, payment events, report generation and collection runs are all logged: who, when, what. Payment webhooks pass signature verification + an idempotency ledger + amount/payee hard checks.
Daily logical database backups ship off-site to object storage with a 30-day bucket lock — even under a ransomware scenario, backups cannot be encrypted or deleted.
All user input is schema-validated; collectors carry SSRF guards (private-range and metadata addresses blocked); report HTML passes an allow-list sanitizer against stored XSS.
Report claims run through an evidence-chain gate (unsupported claims flagged), AI-generated content carries dual labelling (explicit notice + embedded provenance), and output-side PII detection alerts.
Audit summary
"Acquisition-grade security audit (July 2026): 0 Critical / 0 High findings. All medium/low items remediated and regression-verified." Scope covered authentication & sessions, tenant isolation, injection & XSS, SSRF, key management, payments & billing, backup & DR. Enterprise customers may contact [email protected] for a detailed security brief.