We are very grateful to those who have pointed out essential security problems with our offerings.
| Person | Organization | Security Issue(s) Raised |
|---|---|---|
| Peter Carson | Envision IT | need separate consent experiences for onboarding a tenant for read vs. onboarding a tenant for write need documented operational processes (important for SOC 1 and 2 compliance) |
| Jennifer Johnson | Microsoft | need documented security architecture (important for any security conscious customer) |
| Aviad Carmel | Salt Labs | you must verify audience claims in OAuth tokens |