Your infrastructure,
hardened by design.
Flarite is built for mission-critical infrastructure management. We treat security as a first-class citizen, not an afterthought.
AES-GCM 256-bit Encryption
All sensitive credentials, including third-party API tokens, are encrypted at the edge using industry-standard AES-256 in Galois/Counter Mode (GCM). This ensures both confidentiality and authenticity of your data.
Zero-Knowledge Architecture
Our infrastructure is designed so that even with highest-level administrative access, we cannot decrypt your tokens. The master encryption key is never persisted in plain text.
PBKDF2 Password Hashing
User passwords are never stored. We use PBKDF2 with 100,000 internal iterations and a unique cryptographic salt for every user, making brute-force attacks computationally infeasible.
Short-lived Session Management
User sessions are cryptographically signed with a rotating secret and are set to expire every 7 days. We implement active session invalidation upon password changes or security events.
TLS 1.3 In-Transit Security
All traffic between your browser and Flarite, as well as between Flarite and upstream APIs, is forced over TLS 1.3 with modern, secure cipher suites.
Encrypted D1 Storage
Data stored in our distributed edge databases is encrypted at rest, ensuring that hardware theft or physical data center breaches do not compromise your information.
Zero-Knowledge Architecture
- Tokens are encrypted using the user's master secret on the client-side or during high-entropy sessions.
- The encryption key is derived using SHA-256 hashing to ensure a 256-bit entropy pool.
- IVs (Initialization Vectors) are generated using hardware-level random number generators.
- Founder-level or Root access to Flarite DBs cannot reveal plain-text SaaS credentials.