Security
Built to protect your data by default.
DiscoveredBy is an internet-facing product, so security is the first consideration in every change, not an afterthought.
Access control
- Role-based access control is enforced on every API endpoint. Authentication alone is never enough.
- Strict tenant isolation: you can only ever read or change data in your own projects.
- Default-deny: if access isn’t explicitly granted, it’s refused.
Data protection
- All traffic is encrypted in transit over HTTPS.
- Session cookies are set http-only, secure, and same-site to guard against theft and CSRF.
- We never sell your data, and we don’t share it between accounts.
Infrastructure
- Database access uses fully parameterized queries: no string-built SQL, so no injection.
- Google integrations request least-privilege, read-only scopes for Search Console and Analytics.
- Every request body and parameter is validated against a strict schema before it’s processed.
Privacy
- Secrets, tokens, and full personal data are kept out of logs.
- Internal errors and stack traces are never leaked to clients.
- We collect only what’s needed to monitor your AI visibility.