Security & Trust
Secure-by-design foundations across all Nexitez services. This page explains our baseline controls and boundaries.
Service isolation
Each platform runs on its own subdomain with isolated code and data storage to reduce blast radius.
Access control
Role-based access control (RBAC) and least-privilege patterns are used to restrict actions and data exposure.
Audit logging
Security-relevant events can be logged for traceability, monitoring, and audit support workflows.
Baseline security practices
These are typical controls applied across our services. Exact implementations may vary per product.
- Strict input validation and output encoding
- Prepared statements / ORM use for database operations
- CSRF protection for state-changing requests
- Secure session or token handling with appropriate expiry
- Rate limiting and abuse controls
- Hardened configuration defaults and safe error handling
Responsible disclosure
If you believe you have found a security issue, please contact us with details and reproduction steps.
Security contact
Email: security@nexitez.com (recommended)
General: contact@nexitez.com
Safe testing rules
- No disruption to services
- No data exfiltration
- Report findings privately