Security Overview

Security is foundational to Projan. We implement defence-in-depth across infrastructure, application, and data layers to protect your business planning data.

Infrastructure Security

  • Ephemeral compute - no SSH access, containers destroyed and rebuilt on every deployment, automatic scaling.
  • Network isolation - application workloads run in private subnets with no direct internet access. Traffic enters only through load balancers.
  • Managed secret storage - API keys and service credentials stored in a dedicated secrets management service, rotated on a defined schedule.
  • No customer data on developer machines - development uses synthetic test data only.

Encryption

  • At rest: AES-256-GCM authenticated encryption for all OAuth tokens and integration credentials, with industry-standard key derivation.
  • In transit: TLS 1.2+ enforced on all endpoints. HTTPS only - HTTP requests are redirected.
  • Database: Sensitive fields encrypted at the application level before storage. Database-level encryption at rest enabled by the hosting provider.

Authentication & Access Control

  • Cryptographically signed tokens issued via a managed identity provider
  • API keys stored as one-way hashes - the original key is never persisted
  • Role-based access control: team admin, team member, individual
  • Session tokens short-lived (1 hour) with secure refresh flow and revocation support

OAuth Integration Security

  • Cryptographic state parameters with short-lived expiry and one-time use
  • CSRF protection via constant-time comparison
  • Tokens encrypted immediately on receipt, never stored in plaintext
  • Minimal scopes requested per integration (principle of least privilege)
  • Automatic token refresh for providers that support it
  • Immediate credential purge on integration disconnect
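
An added sketch, not Projan's own code, of the state handling listed above: a random state value that expires after a short lifetime, is accepted at most once, and is checked with a constant-time comparison. The class name, the 10-minute lifetime, the in-memory dict and the binding to a session id are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

STATE_TTL_SECONDS = 600  # assumed lifetime; the page only says "short-lived"


class OAuthStateStore:
    """In-memory store for pending OAuth state values (hypothetical helper)."""

    def __init__(self, ttl=STATE_TTL_SECONDS, clock=time.monotonic):
        self._ttl = ttl
        self._clock = clock
        self._pending = {}  # session_id -> (sha256(state), expires_at)

    def issue(self, session_id):
        """Create a fresh state value bound to the user's session."""
        state = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        digest = hashlib.sha256(state.encode()).digest()
        # Only the digest is kept, so a dump of the store cannot be replayed.
        self._pending[session_id] = (digest, self._clock() + self._ttl)
        return state

    def consume(self, session_id, returned_state):
        """Validate the state from the callback; valid at most once."""
        # pop() first: any callback attempt, good or bad, burns the entry,
        # so a wrong guess cannot be retried against the same state.
        entry = self._pending.pop(session_id, None)
        if entry is None or not isinstance(returned_state, str):
            return False
        expected, expires_at = entry
        if self._clock() > expires_at:
            return False
        # Hashing gives two equal-length byte strings, which avoids the
        # TypeError compare_digest raises on non-ASCII str input.
        candidate = hashlib.sha256(returned_state.encode()).digest()
        return hmac.compare_digest(candidate, expected)
```

In a multi-instance deployment the dict would be replaced by a shared store with an atomic get-and-delete, otherwise the one-time-use guarantee does not hold across instances.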

Application Security

  • Schema-based input validation on all API endpoints
  • Query complexity limiting to prevent abuse
  • Rate limiting on authentication endpoints
  • Automated dependency vulnerability scanning
  • No user-generated content rendered without sanitisation

Incident Response

  • Monitoring via AWS CloudWatch with alerting
  • Defined incident response process
  • User notification within 72 hours for data breaches (GDPR requirement)
  • Post-incident review and remediation

Compliance

Responsible Disclosure

We welcome responsible security research. If you discover a vulnerability:

  • Report vulnerabilities to security@projan.ai
  • We will acknowledge within 5 business days
  • No legal action against good-faith security researchers