Security
How MuniGrowth protects your data and operations.
Core Security Controls
- Tenant-aware data isolation across all core modules
- Encrypted transport (HTTPS/TLS) and secure session defaults
- Role-based access controls and tenant-scoped permissions
- Rate limiting and abuse mitigation on public endpoints
- Security headers including CSP, Referrer-Policy, and Permissions-Policy
- Operational logging for auditability and incident response
Application Security
The platform enforces authenticated API access by default, validates tenant membership in middleware and permission layers, and applies anti-CSRF controls for browser sessions.
Vulnerability Management
We continuously improve code quality, tighten dependency hygiene, and apply secure coding patterns across data access, input handling, and integrations.