Overview
Security principles, architecture, and security practices at Stashbase.
Security is naturally a core part of Stashbase. The platform is designed around workspace isolation, layered encryption, scoped access control, and developer-focused security workflows.
Security Principles
- Least privilege by default
- Workspace isolation
- Layered encryption architecture
- Secure-by-default integrations
- Practical developer security
Architecture
Stashbase uses a layered security architecture designed around encryption isolation, scoped access control, and secure integration flows.
See the Architecture page for more details about:
- encryption hierarchy
- integration isolation
- authentication and session security
- infrastructure security
- logging and auditability
Authentication & Access Control
Stashbase supports:
- OAuth authentication
- MFA
- secure session handling
- scoped API keys
- environment-level permissions
- service accounts
Integrations Security
Integration credentials are encrypted separately from application secrets using isolated encryption contexts and provider-specific security flows.
Secret Scanning & Remediation
Stashbase supports repository and secret scanning workflows designed to help identify exposed or hard-coded secrets and support remediation workflows.
Vulnerability Disclosure
We appreciate responsible security research and welcome reports of potential vulnerabilities.
If you believe you have discovered a security issue or vulnerability, please contact: support@stashbase.dev
Please include:
- affected systems or endpoints
- reproduction steps
- proof of concept if available
- impact assessment
We aim to acknowledge reports promptly and work collaboratively on responsible disclosure.
Depending on the severity and quality of the report, Stashbase may offer discretionary rewards for valid security findings.
Contact & Support
If you have any questions about security practices, need assistance with a security issue, or want to report a potential vulnerability, you can contact us at: support@stashbase.dev