Security

Security is foundational to everything we build at Saut. We handle sensitive sentiment data for enterprises, governments, and financial institutions. We treat every piece of data with the care it deserves.

• Hosted on Vercel and Supabase with enterprise-grade infrastructure
• All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Database backups with point-in-time recovery
• Edge network with DDoS protection and WAF
• Automatic failover and redundancy across regions

• Powered by Clerk with enterprise SSO support
• Multi-factor authentication (MFA) available for all accounts
• OAuth 2.0 integration with Google, GitHub, and Microsoft
• Session management with automatic expiration
• Organization-level access controls for enterprise plans

• Scoped API keys with granular permissions
• Rate limiting to prevent abuse
• Request signing and validation
• Audit logs for all API access
• Separate production and staging environments

• Saut only processes publicly available social media data
• No private messages, DMs, or non-public content is ever accessed
• Enterprise data is isolated per workspace with row-level security
• Data retention policies configurable per enterprise plan
• Full data export and deletion available on request

• 24/7 uptime monitoring with sub-minute alerting
• Anomaly detection on API usage patterns
• Automated vulnerability scanning
• Dependency auditing for supply chain security

If you discover a security vulnerability, please report it responsibly to security@saut.app. We take all reports seriously and will respond within 48 hours.