Current Security Controls
CustodyForge already includes several product-level controls that support accountable operations.
- Role-based access controls for app sections and sensitive actions.
- Private evidence storage through authenticated app routes.
- Evidence access audit logging for sensitive photo review.
- Browser hardening headers for clickjacking resistance, content-type protection, strict referrer handling, restricted device permissions, and HSTS.
- CSP report collection through a payload-limited endpoint so browser policy findings can be reviewed before enforcement.
- Stripe checkout and billing portal throttles that slow repeated automated attempts before payment-provider calls are made, with shared-store support for production scaling.
- Protected billing preflight checks that verify Stripe settings and Price IDs without creating a checkout session or charge.
- Public launch self-checks verify health, security headers, CSP report intake, robots controls, protected billing preflight, and entitlement proof without exposing secrets.
- Signed Stripe webhooks and provider callback secrets for external event verification.
- Local productivity tools that do not send workspace data to an external AI service.
- Admin-only areas for users, templates, and integrations.