Security Menu
A Clean CVE Record
Our codebase has maintained a clean record in the public CVE database, supported by continuous security testing and code review. This means no disclosed vulnerabilities — not fewer eyes.
Independent testing and strict SDLC controls have resulted in zero reported CVEs to date — a by-product of our design focus on isolation, per-client encryption and CSP-aligned architecture.
Other ERP Vendors
While many ERP vendors carry hundreds or thousands of CVE disclosures in public databases,
our platform has maintained a clean record thanks to a minimal attack surface,
per-tenant isolation and proactive testing. We disclose transparently when
issues arise, but our design eliminates entire vulnerability classes before
they can occur.
A CVE is a public record of a security flaw. Fewer CVEs can mean stronger design — or less disclosure. The difference is process. Our processes keeps our footprint small.
A CVE is a public record of a security flaw. Fewer CVEs can mean stronger design — or less disclosure. The difference is process. Our processes keeps our footprint small.
3rd Party Dependencies
Connecting to third-party APIs and open-source poses exponential risks: Connecting to a single supplier also connects you to their entire ecosystem — and the suppliers of each of those suppliers. Including all dependencies (direct, transitive, development, etc.), the numbers can balloon into hundreds or even 1,000+ for large, complex projects.
By comparison our own footprint is tiny. thanks to strict isolation and minimal dependencies.