Security

Security Program

Version: 2026-02-28. Owner: Security Engineering.

BarrelHub is designed for teams connecting proprietary upstream data, internal assumptions, public records, vendor exports, and AI-assisted workflows with clear permissions and source history.

BarrelHub enforces API scope-based authorization, audited mutation paths, role-aware permissions, and explicit approval controls for high-risk operations.

Source lineage, citations, and review workflows help teams understand which data and assumptions supported an AI output before it becomes a memo, report, API response, or workflow action.

Control-plane safeguards include fail-safe rate-limit and quota enforcement, degraded-state telemetry when those limits cannot be evaluated normally, and alert checks that route to on-call response.

Webhook ingest endpoints enforce signed request validation and replay protection where configured.
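The page does not document the signing scheme, so the following is an added example rather than BarrelHub's own code: it shows the checks an inbound webhook endpoint would perform to honor the two properties above, signature validation over the raw request body and replay protection. Every detail of the scheme is assumed here: an HMAC-SHA256 over "timestamp.delivery-id.body" under a shared secret, a five-minute clock-skew window, and an in-memory cache of delivery ids (a shared store in production). The header names, secret and sample payload are constructed for the demo.

```python
import hashlib
import hmac
import json
import time
from typing import Dict, Optional, Tuple

# Assumed header names and signing scheme; none of this is specified by the page.
SIGNATURE_HEADER = "X-Webhook-Signature"
TIMESTAMP_HEADER = "X-Webhook-Timestamp"
DELIVERY_HEADER = "X-Webhook-Delivery"
MAX_SKEW_SECONDS = 300  # assumed tolerance for sender/receiver clock drift


def sign(secret: bytes, timestamp: int, delivery_id: str, body: bytes) -> str:
    """HMAC-SHA256 over timestamp, delivery id and the exact raw body bytes."""
    msg = f"{timestamp}.{delivery_id}.".encode() + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


class WebhookVerifier:
    """Signed-request validation plus replay protection for one ingest endpoint."""

    def __init__(self, secret: bytes, max_skew: int = MAX_SKEW_SECONDS):
        self._secret = secret
        self._max_skew = max_skew
        self._seen: Dict[str, int] = {}  # delivery id -> timestamp of first acceptance

    def verify(self, headers: Dict[str, str], body: bytes,
               now: Optional[int] = None) -> Tuple[bool, str]:
        now = int(time.time()) if now is None else now
        sig = headers.get(SIGNATURE_HEADER, "")
        delivery_id = headers.get(DELIVERY_HEADER, "")
        try:
            ts = int(headers.get(TIMESTAMP_HEADER, ""))
        except ValueError:
            return False, "missing or malformed timestamp"
        if not sig or not delivery_id:
            return False, "missing signature or delivery id"
        # Check the MAC before anything else, in constant time, so an unsigned
        # request can neither tamper with the body nor probe the replay cache.
        expected = sign(self._secret, ts, delivery_id, body)
        if not hmac.compare_digest(expected, sig):
            return False, "bad signature"
        # A valid signature on a stale timestamp is still rejected; this bounds
        # how long a captured request stays replayable.
        if abs(now - ts) > self._max_skew:
            return False, "timestamp outside tolerance"
        self._expire(now)
        if delivery_id in self._seen:
            return False, "replayed delivery"
        self._seen[delivery_id] = ts
        return True, "ok"

    def _expire(self, now: int) -> None:
        # Entries older than the skew window would fail the timestamp check
        # anyway, so they can be dropped from the replay cache.
        stale = [k for k, t in self._seen.items() if now - t > self._max_skew]
        for k in stale:
            del self._seen[k]


def demo() -> Dict[str, str]:
    """Constructed deliveries: a valid one, its replay, a tampered body, a stale one."""
    secret = b"constructed-demo-secret"
    verifier = WebhookVerifier(secret)
    body = json.dumps({"event": "export.completed", "id": "exp_123"}).encode()
    now = 1_700_000_000
    headers = {
        TIMESTAMP_HEADER: str(now),
        DELIVERY_HEADER: "dlv-1",
        SIGNATURE_HEADER: sign(secret, now, "dlv-1", body),
    }
    results = {}
    results["first"] = verifier.verify(headers, body, now=now)[1]
    results["replay"] = verifier.verify(headers, body, now=now + 5)[1]
    tampered = body.replace(b"exp_123", b"exp_999")
    results["tampered"] = verifier.verify(headers, tampered, now=now)[1]
    old = now - 600
    stale_headers = {
        TIMESTAMP_HEADER: str(old),
        DELIVERY_HEADER: "dlv-2",
        SIGNATURE_HEADER: sign(secret, old, "dlv-2", body),
    }
    results["stale"] = verifier.verify(stale_headers, body, now=now)[1]
    return results


if __name__ == "__main__":
    print(demo())
```

The order of checks matters: the signature is verified over the raw bytes before the body is parsed or the replay cache is consulted, and the timestamp is part of the signed message so a forwarder cannot refresh it. A replay cache keyed only on delivery id is enough here because the skew window bounds how long each id must be remembered.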

For vulnerability disclosure, contact security@barrelhub.co and include reproduction steps.

Compliance mappings and retention controls are described on the compliance page.