Security
Benmore handles the security fundamentals for you, so a generated app is safe by default rather than something you have to harden after the fact.
Built into every app
- Parameterized queries. All database access is parameterized — user input is never concatenated into SQL.
- Owner & role scoping. Records are scoped to their owner (and optionally their organization); the API enforces access on every read and write.
- Authentication & sessions. Secure, HttpOnly cookies for the web and bearer tokens for API clients, with brute-force lockout and optional multi-factor auth.
- CSRF protection. State-changing requests are CSRF-protected automatically.
- Protected fields. Sensitive columns (ownership, roles, password hashes) can't be set through the public API.
- Security headers & rate limiting. A strict Content-Security-Policy and standard hardening headers are sent on every response, with per-user and per-IP rate limits.
- Outbound request safety. Webhooks and server-side fetches are validated to prevent requests to private/internal addresses.
- Field-level encryption. You can mark sensitive fields to be encrypted at rest, with optional searchable (blind) indexes.
- Audit trail. Every data mutation is recorded with who changed what and when.
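The "outbound request safety" item above is the platform's guard against server-side request forgery: before a webhook or server-side fetch is sent, the destination is checked so that it cannot reach loopback, link-local, private or otherwise non-routable addresses. The following is an added example of how such a check is typically built; it is not Benmore's code, and every name in it (validate_outbound_url, SAMPLE_DNS, the hostnames and addresses in the stub resolver) is an assumption constructed for illustration.

```python
"""Outbound-request guard for webhooks and server-side fetches.

Added example, not the platform's implementation. Resolves the target host,
rejects any answer that is private/internal, and returns the one address the
caller should connect to (pinning it closes the check-then-fetch DNS race).
"""
import ipaddress
import socket
from typing import Callable, List, Union
from urllib.parse import urlsplit

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]
Resolver = Callable[[str], List[str]]

ALLOWED_SCHEMES = {"http", "https"}

# Ranges the ipaddress module does not classify consistently across Python
# versions, so they are blocked explicitly (assumed policy).
EXTRA_BLOCKED = [
    ipaddress.ip_network("100.64.0.0/10"),  # shared address space (carrier-grade NAT)
]


def system_resolver(host: str) -> List[str]:
    """Real resolver: every A/AAAA answer for host, deduplicated."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


# Constructed DNS answers so the example runs offline. None of these names or
# addresses come from the original page.
SAMPLE_DNS = {
    "hooks.example.com": ["93.184.216.34"],                # public address
    "db.internal.example.com": ["10.0.0.5"],               # RFC 1918 private
    "mixed.example.com": ["93.184.216.34", "127.0.0.1"],  # one bad answer fails the whole set
}


def sample_resolver(host: str) -> List[str]:
    return SAMPLE_DNS.get(host, [])


def is_disallowed_ip(ip: IPAddress) -> bool:
    """True if ip is private, local, multicast, reserved or unspecified."""
    # ::ffff:10.0.0.1 is 10.0.0.1 in disguise; judge it by its IPv4 form.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    if (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified):
        return True
    return any(ip in net for net in EXTRA_BLOCKED)


def validate_outbound_url(url: str, resolver: Resolver = system_resolver) -> str:
    """Check url and return the single IP address to connect to.

    Raises ValueError when the scheme is not http(s), the host is missing or
    unresolvable, or ANY resolved address is disallowed. Connect to the
    returned address (sending the original hostname as Host/SNI) rather than
    resolving again, so a changed DNS answer cannot bypass the check.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    try:
        addrs: List[IPAddress] = [ipaddress.ip_address(host)]  # literal IP, no DNS
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolver(host)]
    if not addrs:
        raise ValueError(f"host did not resolve: {host!r}")
    for ip in addrs:
        if is_disallowed_ip(ip):
            raise ValueError(f"{host!r} resolves to disallowed address {ip}")
    return str(addrs[0])


def is_safe_outbound_url(url: str, resolver: Resolver = system_resolver) -> bool:
    """Boolean wrapper around validate_outbound_url."""
    try:
        validate_outbound_url(url, resolver)
        return True
    except ValueError:
        return False
```

Two details matter in practice. First, a host with several answers is rejected if any one of them is internal, because the client library, not the validator, decides which answer it connects to. Second, the check has to be repeated on every HTTP redirect, since a public host can redirect to an internal address; the simplest way is to disable automatic redirects and run validate_outbound_url on each Location before following it.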
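The "field-level encryption" item mentions searchable (blind) indexes. A blind index is a keyed, deterministic digest of a field's plaintext, stored in its own column beside the ciphertext, so the application can still do an equality lookup without decrypting every row. The following added example shows the index half of that design; it is not Benmore's code, the ciphertext column is only stood in for (the platform's AEAD is not shown), and all names, keys and sample rows are assumptions constructed for illustration.

```python
"""Blind index for an encrypted field (added example, not the platform's code).

Shows the three properties a blind index needs: a key separate from the
encryption key, a fixed normalization so equivalent inputs match, and
truncation so the index reveals less than a full hash would.
"""
import hashlib
import hmac
import unicodedata
from typing import Dict, List

# Constructed master key; a real deployment would fetch this from a KMS.
MASTER_KEY = bytes(range(32))


def derive_key(master: bytes, purpose: str) -> bytes:
    """Domain-separated subkey (HMAC used as a one-step KDF; HKDF also works).

    The index key must never equal the encryption key: a leaked index table
    should say nothing about ciphertexts, and vice versa.
    """
    return hmac.new(master, purpose.encode("utf-8"), hashlib.sha256).digest()


ENC_KEY = derive_key(MASTER_KEY, "users.email/encryption")
INDEX_KEY = derive_key(MASTER_KEY, "users.email/blind-index")


def normalize(value: str) -> str:
    """Canonical form so 'Alice@Example.com ' and 'alice@example.com' match.

    Normalization is part of the index definition: changing it later means
    recomputing every stored index.
    """
    return unicodedata.normalize("NFKC", value).strip().casefold()


def blind_index(value: str, index_key: bytes, field: str, bits: int = 64) -> str:
    """Deterministic keyed digest of the normalized value, truncated to `bits`.

    Truncation trades a small false-positive rate (filtered out after
    decrypting the candidate rows) for less leakage about the distribution of
    values. `field` is mixed in so the same value in two columns produces two
    unrelated indexes.
    """
    if bits % 8 or not 32 <= bits <= 256:
        raise ValueError("bits must be a multiple of 8 between 32 and 256")
    msg = field.encode("utf-8") + b"\x00" + normalize(value).encode("utf-8")
    digest = hmac.new(index_key, msg, hashlib.sha256).digest()
    return digest[: bits // 8].hex()


# Constructed sample rows; only the index column is computed here.
SAMPLE_USERS = [
    {"id": "u1", "email": "alice@example.com"},
    {"id": "u2", "email": "Bob@Example.com"},
    {"id": "u3", "email": "carol@example.com"},
]


def build_table(index_key: bytes, users: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Store rows as (id, ciphertext, blind index); plaintext is never kept."""
    return [
        {
            "id": u["id"],
            "email_ct": "<AEAD ciphertext under ENC_KEY, not shown>",  # placeholder
            "email_bidx": blind_index(u["email"], index_key, "users.email"),
        }
        for u in users
    ]


def find_by_email(table: List[Dict[str, str]], index_key: bytes, email: str) -> List[str]:
    """Equality lookup by index; callers decrypt candidates to confirm.

    The row filter is what the database would do with an indexed column; the
    decrypt-and-compare step that discards truncation collisions is omitted
    because the AEAD layer is not part of this example.
    """
    needle = blind_index(email, index_key, "users.email")
    return [row["id"] for row in table if row["email_bidx"] == needle]
```

The index is deterministic by design, which is exactly what makes it searchable and also what limits it: anyone holding the index key can test a guess against the table, so the key deserves the same handling as the encryption key, and the index should only be applied to fields where equality search is genuinely needed.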
Built-in security scan
Each app can run a security scan that inspects its schema, pages, custom routes, and data hooks — checking authentication gates, access control, injection and XSS exposure, and configuration against the OWASP Top 10 — and reports findings with remediation guidance.
Reporting an issue
Found a security issue? Email [email protected]. We appreciate responsible disclosure.