🔒 Security
How CR AudioViz AI protects your data, credentials, and privacy.
AES-256-GCM Encryption
All credentials and secrets stored with AES-256-GCM encryption using PBKDF2 key derivation. No plaintext secrets anywhere in the system.
OWASP Top 10
All APIs built to OWASP Top 10 security standards. SQL injection prevention, CSRF protection, XSS sanitization, and rate limiting on every endpoint.
OAuth 2.0
Authentication via Google, GitHub, Discord, Microsoft, and LinkedIn OAuth. No passwords stored unless explicitly set by the user.
Row-Level Security
Supabase PostgreSQL with RLS policies ensuring users can only access their own data. All queries are scoped to the authenticated user.
PCI-DSS Payments
Payment data processed exclusively by Stripe and PayPal. We never store raw card numbers. Both providers maintain PCI-DSS Level 1 compliance.
Audit Logging
Complete audit trail of credential access, admin actions, and API key usage. Tamper-proof logs stored in Supabase with timestamps.
Automatic Rotation
API keys and credentials support scheduled rotation. Expiry alerts sent before keys expire. Zero-downtime rotation for all integrations.
HTTPS Only
All traffic encrypted in transit. HSTS headers enforced. Certificate management via Vercel's automatic SSL provisioning.
Report a Security Issue
Found a vulnerability? Please disclose responsibly to security@craudiovizai.com. We respond within 24 hours.