Security at LivraOne
Last updated July 17, 2026
Tenant isolation
Workspace membership and server-side permission policies restrict every request. Transactional data is designed for PostgreSQL row-level security as an additional tenant boundary.
Account protection
Passwords use a memory-hard hash, sessions are revocable and rotated, and privileged actions are audited. Multi-factor authentication and enterprise identity controls are part of the production rollout.
Files and infrastructure
Media is stored in restricted object storage with short-lived signed access. The application origin is not intended for direct public exposure, and secrets remain outside source control and container images.
Report a concern
Please send suspected vulnerabilities privately to security@livraone.com. Do not include sensitive customer data in an initial report.
