🔒 Security Overview

Security you can verify, not trust.

Cortex was designed security-first. Your notes, keys, and data are protected by architecture, not just policy.

Security pillars

API Keys Server-Side Only

All AI provider credentials are environment variables on Vercel. They never reach the browser. Every AI call is proxied through our server with zero client-side key exposure.

Clerk Authentication on Every Route

Every API route calls auth() from the Clerk server SDK before touching any data. Unauthenticated requests receive 401: no data is returned, no error detail is leaked.

TLS 1.3 in Transit

All traffic between your browser, our servers, Neon, and AI providers is encrypted using TLS 1.3. No plaintext connections are permitted.

Per-User Data Isolation

Every database query includes WHERE user_id = ? scoped to the authenticated Clerk user ID. No user can access, infer, or corrupt another user's data.

Content Security Policy

A strict CSP whitelist blocks untrusted scripts, styles, frames, and connections. Browser extensions and injected scripts cannot exfiltrate data from the app context.

Input Validation & Rate Limiting

All API inputs are validated server-side (field types, lengths, enums). AI endpoints cap payload size to prevent prompt injection via oversized inputs. Public endpoints enforce IP-based rate limits.

AES-256 Encryption at Rest

Neon PostgreSQL encrypts all data at rest using AES-256. Backups are also encrypted. Database credentials are stored as Vercel environment variables, never in source code.

Dependency Transparency

We rely on widely-audited, open-source dependencies: Clerk, Neon, Next.js 15, Vercel AI SDK, Drizzle ORM. No hand-rolled cryptography. Automated Dependabot alerts for CVEs.

HTTP security headers

Every response is hardened.

Applied automatically by our Next.js server on all responses.

Strict-Transport-Security: max-age=63072000; includeSubDomains
HSTS. Forces HTTPS for 2 years including all subdomains. Browsers will not load Cortex over HTTP.

X-Frame-Options: SAMEORIGIN
Prevents clickjacking by blocking the app from being embedded in an iframe on another domain.

X-Content-Type-Options: nosniff
Prevents MIME-type sniffing attacks: browsers will not execute scripts with wrong content-type.

Referrer-Policy: strict-origin-when-cross-origin
Limits referrer information shared with third parties to origin only on cross-origin requests.

Permissions-Policy: camera=(), microphone=(), geolocation=()
Explicitly disables access to camera, microphone, and geolocation APIs.

Content-Security-Policy: default-src 'self'; ...
Strict allowlist of permitted sources for scripts, styles, fonts, media, and connections.

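
One way to check a response against the header values listed above, as an added example that is not Cortex's own code. The name `auditSecurityHeaders` and the sample headers are constructed for illustration, and because the page elides the full CSP, only the `default-src 'self'` directive is tested.

```javascript
// Added example: audit response headers against the values listed in the table.
// auditSecurityHeaders and sampleHeaders are illustrative names, not Cortex code.
const EXPECTED = {
  'x-frame-options': (v) => v.toUpperCase() === 'SAMEORIGIN',
  'x-content-type-options': (v) => v.toLowerCase() === 'nosniff',
  'referrer-policy': (v) => v.toLowerCase() === 'strict-origin-when-cross-origin',
  'strict-transport-security': (v) => {
    // Directives are case-insensitive; require at least the documented max-age.
    const parts = v.toLowerCase().split(';').map((p) => p.trim());
    const age = parts.map((p) => /^max-age=(\d+)$/.exec(p)).find(Boolean);
    return !!age && Number(age[1]) >= 63072000 && parts.includes('includesubdomains');
  },
  'permissions-policy': (v) => {
    // Each listed feature must carry an empty allowlist: feature=()
    const set = new Set(v.toLowerCase().split(',').map((p) => p.replace(/\s+/g, '')));
    return ['camera', 'microphone', 'geolocation'].every((f) => set.has(`${f}=()`));
  },
  'content-security-policy': (v) => {
    // The page elides the full policy, so only default-src 'self' is checked.
    const d = v.split(';').map((p) => p.trim().split(/\s+/))
      .find((t) => t[0].toLowerCase() === 'default-src');
    return !!d && d.length === 2 && d[1] === "'self'";
  },
};

// Accepts a fetch() Headers object, a Map, or a plain { name: value } object.
function auditSecurityHeaders(headers) {
  const seen = new Map();
  const entries = typeof headers.entries === 'function'
    ? [...headers.entries()] : Object.entries(headers);
  for (const [k, v] of entries) seen.set(k.toLowerCase(), String(v));
  const findings = [];
  for (const [name, ok] of Object.entries(EXPECTED)) {
    if (!seen.has(name)) findings.push({ header: name, issue: 'missing' });
    else if (!ok(seen.get(name))) findings.push({ header: name, issue: 'unexpected value', value: seen.get(name) });
  }
  return findings; // an empty array means every documented header matched
}

// Constructed sample: short HSTS lifetime, three documented headers absent.
const sampleHeaders = {
  'Strict-Transport-Security': 'max-age=86400',
  'X-Frame-Options': 'SAMEORIGIN',
  'X-Content-Type-Options': 'nosniff',
};
console.log(auditSecurityHeaders(sampleHeaders));
```

Passing `response.headers` from a `fetch()` call against your own deployment works without changes, since header names are compared case-insensitively.
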
Responsible Disclosure Policy

Found a vulnerability? Tell us first.

We follow responsible disclosure principles. If you discover a security vulnerability, please report it privately before public disclosure. We commit to the following response timeline:

1. Report received: within 24 hours
2. Triage & assess: within 48 hours
3. Patch critical: within 72 hours
4. Patch high/medium: within 14 days
5. Patch low severity: within 30 days
6. CVE filed if needed: after patch

In scope

- Authentication bypasses
- Authorisation flaws (IDOR, privilege escalation)
- SQL injection / data exfiltration
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- Server-side request forgery (SSRF)
- Sensitive data exposure
- Remote code execution

Out of scope

- Social engineering of Cortex staff
- Physical security attacks
- Denial of service (DoS/DDoS)
- Spam or phishing not involving Cortex infrastructure
- Vulnerabilities in third-party services (Clerk, Vercel, Neon); report to them directly
- Issues already publicly disclosed or patched
- Rate limiting without proof of impact

Safe harbour

We will not pursue legal action against researchers who follow this policy. We ask that you: not access or modify user data beyond your own test account; not disrupt the Service; and allow us the response timeline above before public disclosure.

Report a vulnerability →
security@cortex.app · We respond within 24 hours