Security & Trust

    How we protect your data and operate the platform.

    Authentication & access

    Email + password (12+ chars), Google OAuth, optional TOTP-based 2FA. Session and login history available to every user.

    Data protection

    Database-level Row-Level Security on every table. Encryption in transit (TLS 1.2+) and at rest. Defense-only policy: the platform is not used for offensive operations.

    Hosting & data residency

    EU hosting. GDPR-compliant. Data export (Art. 20) and account deletion (Art. 17) self-service.

    Sub-processors

    • Supabase (managed Postgres, auth, storage, edge functions): EU region
    • Stripe (billing & payments)
    • Resend (transactional email)
    • Firecrawl (URL scanning for evidence capture)

    Operational controls

    Audit logging for admin actions. Rate limits on report submissions. Automated triage uses rule-based checks combined with LLM-assisted evaluation; final actions are reviewed by humans for company tier.

    Reporting a vulnerability

    Please email team@blackwall.report. See also our Responsible Disclosure policy.

    Cookie Notice

    We use cookies to ensure the functionality of our website. Necessary cookies are required for operation. Optional cookies help us improve our services. For more information, see our Privacy Policy.