Enterprise-grade security.
Your data is protected at every layer — from infrastructure to application.
Infrastructure
SlideSync runs on Vercel's edge network with automatic failover and global CDN distribution. Our database layer is powered by Supabase with point-in-time recovery, automated backups, and region-level redundancy.
Encryption
All data in transit is protected with TLS 1.3 encryption. Data at rest is encrypted using AES-256, including database records, file uploads, and backups. Encryption keys are managed through industry-standard KMS.
Authentication
We use Google OAuth 2.0 for secure sign-in with no password storage on our end. Sessions are managed with short-lived JWTs, automatic token rotation, and secure HTTP-only cookies.
Compliance
SlideSync's security practices are aligned with SOC 2 Type II standards. We conduct regular third-party penetration tests, vulnerability assessments, and maintain comprehensive audit logs.
Data Isolation
Each workspace is logically isolated with row-level security policies enforced at the database layer. Users can only access data within their own organization — cross-tenant access is architecturally impossible.
Incident Response
Our incident response plan includes 24-hour detection, immediate containment, root-cause analysis, and transparent post-mortems. Critical vulnerabilities are patched within 24 hours of discovery.
Have a security concern?
Report vulnerabilities or ask security questions at security@slidesync.ai.
Contact security team