Security at LogisticsPrizm

Our security posture

We treat security as table stakes for any platform that touches freight, customs, and commercial data. Our default posture is least privilege, defense in depth, and explicit tenant isolation at every layer that touches customer data. We design new features assuming they will eventually be audited, and we instrument them so they can be.

Application security

The platform authenticates users with JSON Web Tokens. Access tokens are short-lived (15 minutes) and held only in memory; refresh tokens are long-lived (7 days) and stored in HttpOnly, Secure, SameSite cookies that JavaScript cannot read. Passwords are hashed with bcrypt at industry-standard work factors. Authorization is enforced by a role-based access control system spanning six roles (super admin, admin, manager, sales rep, support agent, viewer), and every authenticated request is checked against the caller’s role and organization scope.

Multi-tenant data isolation is enforced at the database, not just the application. PostgreSQL row-level security policies on every tenant-scoped table reject queries that attempt to read or modify another organization’s rows, even if application code somewhere up the stack forgets to add a filter. Uploaded documents are stored privately in object storage and served only through time-limited signed URLs; no document URL is ever public.

Infrastructure security

The Service runs on hardened Linux infrastructure in the United States. Operating systems are kept current with security patches. A host firewall restricts inbound network access to the minimum set of ports required to serve the application; administrative SSH access is locked down to key-based authentication from a small number of authorized engineers. Edge traffic is proxied through Cloudflare for DDoS resilience and bot mitigation, and origin servers accept connections only over TLS using a Cloudflare Origin certificate. Database and object-storage backups are encrypted and stored separately from the production environment.

Data encryption

All traffic to and from the Service is encrypted in transit using TLS 1.2 or higher with modern cipher suites. The primary PostgreSQL database, MongoDB event store, and object storage for uploaded documents are encrypted at rest using AES-256. Server-side encryption is enabled on every uploaded file. Secrets used by the application (API credentials, signing keys, third-party tokens) are kept outside the codebase and injected at runtime.

Operational security

Engineering access to production follows the principle of least privilege. Sensitive actions — including authentication events, role changes, document access, and configuration changes — are written to an append-only audit log with actor, IP, user-agent, and a before/after JSONB diff so that activity can be reconstructed after the fact. Dependencies are scanned for known vulnerabilities and patched on a regular cadence. Code changes go through review before they reach production.

AI and tenant isolation

The AI features built into the platform — quote suggestion, document classification, chargeable-event detection, the retrieval-augmented chat assistant — operate on each customer’s own data only. Embeddings and indexes are scoped per tenant and are stored alongside the same row-level security policies that protect everything else. We do not use one customer’s data to train or fine-tune models that serve another customer. Where third-party model providers are used, we use API endpoints that the provider has represented are not used to train their general models on customer inputs or outputs. Customers with strict data-residency requirements may opt to run inference on a U.S.-only local model under the same organization-level controls.

ITAR considerations

For customers handling ITAR-controlled cargo, the platform supports U.S.-person operator controls and produces an audit trail of access to controlled records. See the full ITAR page for the controls we provide and the customer obligations that go with them.

Responsible disclosure

If you believe you have found a security vulnerability in LogisticsPrizm, please report it to [email protected]. Please include enough detail to reproduce the issue and any proof-of-concept that is safe to share. We will acknowledge your report within two business days and keep you updated as we investigate and remediate. Please do not access or modify data that does not belong to you, do not run automated scanning at a rate that degrades service for other customers, and give us a reasonable window to fix the issue before disclosing it publicly. We do not currently operate a paid bug bounty program; with your permission, we credit reporters of valid issues in our security acknowledgements.

Compliance roadmap

We design and operate the Service to be aligned with the substantive requirements of GDPR and CCPA today. SOC 2 Type 1 is on our roadmap, targeted for 2027 alongside our first cohort of enterprise customers; we will share progress and report excerpts under NDA on request. Customers with specific compliance questions are welcome to reach out at [email protected].

Contact

Security reports and questions: [email protected]. For privacy-related requests, see our Privacy Policy or email [email protected].