Product security
Ashicore is built around organization isolation, authenticated access, guarded mutations, and domain-level business rules for critical operational data.
Access controls
Team access is role-based. Administrative workflows, account management, and operational modules are separated by permissions.
Data isolation
Organization-scoped data is isolated at the application and database layers. New org-scoped database tables are expected to use row-level security.
Integrations
Connected services are used only for customer-enabled workflows such as accounting sync, email delivery, storage, observability, and deployment.
Reporting security concerns
Report security questions or concerns to support@ashicore.app.