Stashbase

Overview

Security principles, architecture, and security practices at Stashbase.

Security is naturally a core part of Stashbase. The platform is designed around workspace isolation, layered encryption, scoped access control, and developer-focused security workflows.

Security Principles

  • Least privilege by default
  • Workspace isolation
  • Layered encryption architecture
  • Secure-by-default integrations
  • Practical developer security

Architecture

Stashbase uses a layered security architecture designed around encryption isolation, scoped access control, and secure integration flows.

See the Architecture page for more details about:

  • encryption hierarchy
  • integration isolation
  • authentication and session security
  • infrastructure security
  • logging and auditability

Authentication & Access Control

Stashbase supports:

  • OAuth authentication
  • MFA
  • secure session handling
  • scoped API keys
  • environment-level permissions
  • service accounts

Integrations Security

Integration credentials are encrypted separately from application secrets using isolated encryption contexts and provider-specific security flows.

Secret Scanning & Remediation

Stashbase supports repository and secret scanning workflows designed to help identify exposed or hard-coded secrets and support remediation workflows.

Vulnerability Disclosure

We appreciate responsible security research and welcome reports of potential vulnerabilities.

If you believe you have discovered a security issue or vulnerability, please contact: support@stashbase.dev

Please include:

  • affected systems or endpoints
  • reproduction steps
  • proof of concept if available
  • impact assessment

We aim to acknowledge reports promptly and work collaboratively on responsible disclosure.

Depending on the severity and quality of the report, Stashbase may offer discretionary rewards for valid security findings.

Contact & Support

If you have any questions about security practices, need assistance with a security issue, or want to report a potential vulnerability, you can contact us at: support@stashbase.dev

On this page