Contact
Building on Next.js × Supabase and want the authorization/RLS risks closed before launch? Start with a free 30-minute consult — or send the details below.
Security audit (Next.js × Supabase)
RLS/authorization review, tenant-isolation checks, and the IDOR and business-logic risks a scanner can only flag. Fixed scope, report plus fixes.
Technical advisor
Architecture, tech selection, code review, performance. Ongoing support for your team.
Project (fixed scope)
New SaaS builds, AI-powered systems, zero-to-one. Requirements through infrastructure, end to end.
Fill in the form below and hit send. I reply within 2 business days.
Q. How does the audit relate to Aegis, the open-source toolkit?
A. Aegis automates the horizontal controls (headers/CSP, rate limiting, validation, CSRF, secrets hygiene) and flags the vertical risks it cannot fix — authorization/RLS design, tenant isolation, business logic. The audit is a human closing exactly those. It complements secure design; it does not replace it.
Q. What's the turnaround?
A. A spot review takes a few days; a standard audit is roughly 1–2 weeks depending on surface area. I confirm scope and timeline with you before any work begins.
Q. Do you work remotely?
A. Yes — fully remote and async-friendly, across time zones.
Q. Can we sign an NDA first?
A. Yes, before any scoping call. Your template or mine.
If a form is not your thing, reach me directly at the address below.