Zero-trust architecture

Security Architecture

Zero compromises at the foundation level — from identity through encryption to the audit trail.

Identity & Access

Zero-trust authentication and authorization

Firebase Auth

No local password storage. Roles from Firebase claims plus core.actors. Correct session refresh with security tests.

Role-based access with time-limited delegations

Granular per-module roles with time-limited delegation. Delegation auto-expires without privilege escalation. Full decision log.

Policy engine

Permission check on every access point: who, what, on which resource, and in what context. Missing check blocks deployment.

Four-eyes approval workflow

High-risk actions require a second person's approval with expiration. Auditable justification for every decision.

Data Protection

Encryption, classification, and data sovereignty

Data classification

PUBLIC / INTERNAL / CONFIDENTIAL / PII taxonomy on all objects. Sensitive field masking in UI and API.

Customer-managed encryption

Rotatable encryption keys, bring-your-own or customer-managed per organization. Data residency guaranteed in PL/EU.

DB least-privilege

Dedicated database roles with access limited to their own tables. Permission tests before every release.

Legal hold

Objects on legal hold cannot be deleted until the hold is lifted with justification. Dry-run retention job.

Export approval gate

CONFIDENTIAL/PII data exports require a policy gate and approvals. Blocked and logged when required approvals are missing.

Audit Trail

Immutable audit trail with offline verification

Append-only event log

Central event log with cryptographic chain and integrity verification. Any tampering detected triggers a critical alert.

Offline-verifiable evidence package

Deterministic manifest with SHA-256 fingerprint and event log. Same data scope always produces the same manifest hash.

Organization data isolation

Automated isolation tests between organizations, backup/restore, and point-in-time recovery. No organization can see another's data.

Secret vault with rotation

Per-organization credential storage with least-privilege key rotation without interrupting workflows.

Infrastructure & CI/CD

Security gates in the pipeline

Security gate

Permanent gate: dependency audit, software composition analysis, and known vulnerability monitoring. Code merge blocked on high or critical severity.

Supply chain controls

Dependency file immutability, approved package list, known-vulnerable version blocking.

Hardened error tracking

Default redaction of personal data, authentication headers, and cookies. Error tracking without sensitive data — leak prevention tests.

Logging chaos tests

Logging pipeline health dashboard. Logging failure blocks closure of objects that require evidence.

Hardening patch lane (CVE)

Dedicated security lane covering all key components. Each vulnerability has a remediation status and security owner sign-off.

Security — FAQ

Where is data hosted?

Data is hosted in the EU (eu-central region) with the option to region-lock to Poland. PL/EU data sovereignty is enforced at the infrastructure level.

Can I use my own encryption keys?

Yes. Pulsar supports BYOK (Bring Your Own Key) and CMEK (Customer-Managed Encryption Keys) per tenant with full rotation.

How is tenant isolation ensured?

Organization data isolation is automatically tested before every release. Tests cover backup/restore and point-in-time recovery.

Can audit logs be modified?

No. The event log is append-only with a cryptographic chain. Any modification attempt is automatically detected and triggers a critical alert.

mission.launch

Start trial and evaluate the process on your own operational data

Start Trial See how it works

What happens after you click?

You get a 14-day trial with full Professional process scope
You map your own requirements and immediately see impact on risks, audits, and CAPA
You choose a plan based on real team execution, not assumptions

Need an operational consultation? Email us: kontakt@pulsar-grc.pl