Security at BrandTrack
Your deal data, brand contacts, and financial information deserve serious protection. Here is how we deliver it.
Row-level security on every table
Every database table has Postgres row-level security (RLS) policies enforcing that you can only access your own data. This is enforced at the database level, not just the application level. Even if there were a bug in our code, the database would still block cross-user access.
Encrypted connections everywhere
All data in transit is encrypted via TLS 1.2+. All data at rest is encrypted by our database provider (Supabase/AWS). Your session cookies are HttpOnly, Secure, and SameSite=Lax: HttpOnly keeps the cookie out of reach of JavaScript, Secure restricts it to HTTPS connections, and SameSite=Lax blocks it from being sent on cross-site requests, which prevents cross-site request forgery and cookie theft via JavaScript.
Signed URLs for file access
Uploaded files (contracts, invoices) are stored in private buckets that are not publicly accessible. When you need to view or download a file, we generate a time-limited signed URL that expires after 15 minutes. Files are scoped to your user folder and validated for MIME type (PDF, PNG, JPG only) and size (10 MB maximum).
Input validation on every action
Every form submission and API call is validated with Zod schemas on the server. This prevents SQL injection, malformed data, and type confusion attacks. No user input reaches the database without passing through strict validation first.
Rate limiting and abuse prevention
All server actions and API routes are rate-limited using Upstash Redis. Authentication attempts are limited to 5 per hour per IP address. Mutations are limited to 30 per minute per user. Read operations are limited to 100 per minute per user. This prevents brute force attacks, credential stuffing, and automated abuse.
Audit logging
Every significant action (sign-in, deal creation, payment updates, file uploads, data exports, account deletion) is recorded in an audit log with timestamps and metadata. This helps us investigate any suspicious activity and gives you a clear history of what happened in your account.
Additional measures
- Security headers on every response: Content-Security-Policy (nonce-based), HSTS (1 year, preload), X-Frame-Options DENY, X-Content-Type-Options nosniff, strict Referrer-Policy, Permissions-Policy.
- Razorpay webhook verification: every incoming webhook is HMAC-SHA256 signature-checked and deduplicated via an audit log to prevent replay or double-processing.
- No service-role database keys in client-side code. The privileged key is restricted to a single server-only module.
- Error monitoring via Sentry with a beforeSend hook that strips email addresses, IP addresses, and any deal or invoice content before transmission.
- Automated dependency scanning via Dependabot (weekly) and npm audit in CI.
- Secret leak prevention via gitleaks pre-commit hook.
- Daily point-in-time recovery database backups.
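As an added illustration of the webhook check described in the list above (example code written for this page, not BrandTrack's own implementation), the snippet below verifies a Razorpay-style HMAC-SHA256 signature over the raw request body in constant time and then refuses replays. It assumes the signature arrives as a hex digest in a request header, that the event id used for deduplication is taken from the delivery's x-razorpay-event-id header, and stands in an in-memory Set for the audit-log lookup; the secret and payload are constructed sample values.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

type WebhookResult = "accepted" | "bad_signature" | "duplicate";

// The sender signs the raw request body with HMAC-SHA256 under the webhook
// secret and transmits the hex digest in a header. Recompute it over the
// exact bytes received and compare in constant time so the check does not
// leak how many leading bytes of a guessed signature were correct.
function verifySignature(rawBody: string, signatureHeader: string, secret: string): boolean {
  const expected = Buffer.from(createHmac("sha256", secret).update(rawBody).digest("hex"), "utf8");
  const received = Buffer.from(signatureHeader, "utf8");
  // timingSafeEqual throws on length mismatch, so reject that case explicitly.
  if (expected.length !== received.length) return false;
  return timingSafeEqual(expected, received);
}

// Processes deliveries in a fixed order: signature first, replay check second.
class WebhookProcessor {
  private readonly secret: string;
  // Assumption: a stand-in for querying the audit log by event id.
  private readonly processedEventIds = new Set<string>();

  constructor(secret: string) {
    this.secret = secret;
  }

  handle(rawBody: string, signatureHeader: string, eventId: string): WebhookResult {
    // Never parse or act on a body whose signature has not been verified.
    if (!verifySignature(rawBody, signatureHeader, this.secret)) return "bad_signature";
    // Deduplicate only after the signature check, so a forged request cannot
    // pre-register an event id and cause the genuine delivery to be dropped.
    if (this.processedEventIds.has(eventId)) return "duplicate";
    this.processedEventIds.add(eventId);
    return "accepted";
  }
}

// Constructed sample values (not a real Razorpay secret or payload).
const SAMPLE_SECRET = "constructed-webhook-secret";
const SAMPLE_BODY = JSON.stringify({
  event: "payment.captured",
  payload: { payment: { entity: { id: "pay_constructed" } } },
});

// Signs a body the way the sender would; used only to build sample input.
function signBody(rawBody: string, secret: string): string {
  return createHmac("sha256", secret).update(rawBody).digest("hex");
}
```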
Found a security issue? Email security@brandtrack.online. We take every report seriously and aim to acknowledge receipt within 24 hours.