Security.
Forum Atlas is built on a small, modern, US-hosted stack with least-privilege access and per-tenant isolation at the database layer. We synthesize publicly available information only — we do not ingest your private systems.
Tenant isolation
Customer data is separated at the database with row-level security. Each workspace's reads and writes are scoped to that workspace, enforced in Postgres rather than relying on application code alone.
Authentication
Sign-in is handled by WorkOS, supporting SSO and modern identity flows. Access to the platform is invite-controlled, and API access uses scoped, revocable keys with per-key rate limits.
Data handling
Data is encrypted in transit. We process your queries and inputs through our AI providers under terms intended to prevent your inputs from training their foundation models, and we do not use your private inputs to train models for other customers. Payment details are handled by Stripe; we never store full card numbers.
Infrastructure
The platform runs on Supabase (Postgres), Modal (compute), and Vercel (web), fronted by Cloudflare for DNS, CDN, and edge protection. Hosting and operation are United States–based. A current list of subprocessors is maintained in our Privacy Policy.
Reporting a vulnerability
If you believe you've found a security issue, email security@forumatlas.com. We appreciate responsible disclosure and will work with you to validate and address verified reports.