Security
Your brand lives here. We treat it like it.
In place today
Tenant isolation.
Each client gets a private data partition. Enforced at three layers.
Tokens encrypted at rest.
Your LinkedIn, Meta, and X OAuth tokens are encrypted with a key in our secret manager. The DB never sees plaintext.
Auth on every action.
Clerk handles identity. Every approval and publish resolves through a single session helper.
Append-only audit log.
Every approval, rework, publish, and credential change is logged. We can hand the full log to your compliance team.
Strict CSP + HSTS.
No third-party script CDNs. Our inbox can't be embedded in someone else's frame.
Secrets never reach a commit.
Gitleaks scans every push. CodeQL runs on every PR. Dependabot files PRs on vulnerable deps.
Roadmap
- Q2 2026
- SOC 2 Type I — gap assessment.
- Q3 2026
- Single sign-on (SAML) for enterprise.
- Q4 2026
- SOC 2 Type I attestation issued.
- Q1 2027
- SOC 2 Type II observation window begins.
Harder question? Email drivenedgellc@gmail.com.
Sign up