Security & compliance guides
Plain-English guides to launching your AI-built app safely — what a security audit covers, the checklist to run before you ship, and what HIPAA, SOC 2 and GDPR actually require.
AI app penetration testing
Penetration testing for AI-built and vibe-coded web apps: what it covers, what it costs, and how to get a launch-ready security clearance.
Pre-launch security checklist
A practical pre-launch security checklist for SaaS and vibe-coded apps: lock down your database, secrets, auth, headers and more before you ship.
Is Supabase HIPAA compliant?
Supabase can support HIPAA with a paid plan and a signed BAA — but compliance is your responsibility too. Here's what HIPAA on Supabase requires.
SOC 2 for startups
What SOC 2 means for a startup, when you actually need it, and how a pre-launch security baseline makes the audit dramatically easier.
GDPR for AI-built apps
If your AI-built app handles EU users' data, GDPR applies. Here's what it means in practice — lawful basis, data security, deletion and more.