Security Overview

Packster maintains security by design across infrastructure, application, and operational processes.

This overview summarizes the safeguards we are implementing as part of the phase one rebuild. A full trust center with reports, penetration testing details, and SOC documentation will follow.

Platform hardening

Clerk-managed authentication with enforced MFA options.
Role-based access control over tRPC endpoints backed by LaunchDarkly feature flags.
Prisma with row-level ownership checks and encrypted secrets.
Sentry, Pino, and structured audit logging for incident response.

Data protection

All secrets are stored in environment variables, data at rest is encrypted (Postgres, Stripe, Clerk), and integrations leverage provider-side rotations. Exported packing lists are behind entitlements and signed URLs.