Security

Orbit uses role-scoped access controls, authenticated sessions, policy gates, and audit logging to protect high-impact operational actions.

Sensitive connector tokens are encrypted and environment secrets are managed outside source control. Deployment readiness includes health checks and environment validation.

Recommended production controls include managed Postgres/Redis, isolated staging and production credentials, TLS enforcement, and regular secret rotation.

For security concerns or vulnerability reports, contact your workspace owner and the platform support channel for coordinated response.