Built for the data developers actually trust you with.
Candidate code, AI conversations, proctoring signals, hiring decisions — encrypted in transit and at rest, scoped to the right people, and never used to train anyone's model.
Scoped auth, every request
JWTs with sliding refresh, bcrypt password hashing, role-aware route guards, and rate limits on auth, AI, and code execution.
Encrypted everywhere
TLS 1.3 in transit, AES-256 at rest in Postgres + Redis. Logs strip passwords, tokens, and auth headers before they touch disk.
AI policy is enforced server-side
maxPrompts, socratic-only, and disabled flags are checked on every workspace request — not just the UI. Every prompt is audit-logged.
Proctoring stays in the browser
MediaPipe processes webcam frames locally. Only aggregate scores and bounding-box metadata reach our servers — never raw video.
Blind review is auditable
When enabled, candidate identities are stripped from the UI. Every reveal click is logged with timestamp and reviewer ID.
Your data stays your data
Anthropic and DeepSeek both prohibit training on API traffic by default. Anthropic requests carry only a salted hash of the candidate ID — never their email or raw ID. Candidates can delete their account and every submission in one click.
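The log scrubbing described under "Encrypted everywhere", sketched as an added example that is not the product's own code: a redactor applied to every record before it is serialized for disk. The key list, the text patterns, and the function names are assumptions for illustration.

```javascript
// Added example. SENSITIVE_KEYS, TEXT_PATTERNS and all function names are hypothetical.
const MASK = "[REDACTED]";
const SENSITIVE_KEYS = new Set([
  "password", "newpassword", "token", "accesstoken", "refreshtoken",
  "authorization", "cookie", "set-cookie",
]);

// Secrets that appear inside free-text messages rather than under a known key.
const TEXT_PATTERNS = [
  // "Bearer <credential>", e.g. a copied Authorization header value
  [/\bBearer\s+[A-Za-z0-9._~+\/=-]+/gi, `Bearer ${MASK}`],
  // Three base64url segments starting with "eyJ": the shape of a JWT
  [/\beyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*/g, MASK],
  // password=... or token=... in query strings and form bodies
  [/\b(password|token)=[^&\s]+/gi, `$1=${MASK}`],
];

function scrubText(text) {
  return TEXT_PATTERNS.reduce((out, [re, repl]) => out.replace(re, repl), text);
}

// Returns a scrubbed deep copy; the caller's object is never mutated.
function redact(value, seen = new WeakSet()) {
  if (typeof value === "string") return scrubText(value);
  if (value === null || typeof value !== "object") return value;
  // Cycle guard (a repeated reference to the same object is collapsed too).
  if (seen.has(value)) return "[Circular]";
  seen.add(value);
  if (Array.isArray(value)) return value.map((v) => redact(v, seen));
  const out = {};
  for (const [key, v] of Object.entries(value)) {
    // Key match is case-insensitive, so "Authorization" and "authorization" both hit.
    out[key] = SENSITIVE_KEYS.has(key.toLowerCase()) ? MASK : redact(v, seen);
  }
  return out;
}

// The only path to the log sink: redact first, serialize second.
function toLogLine(record) {
  return JSON.stringify(redact(record));
}

// Constructed sample record; every value here is made up.
const sample = {
  msg: "login failed for POST /auth/login?password=hunter2&next=/home",
  headers: { Authorization: "Bearer eyJhbGciOi.eyJzdWIiOi.c2ln", "user-agent": "curl/8" },
  body: { email: "a@example.test", password: "hunter2", refreshToken: "r-123" },
};
console.log(toLogLine(sample));
```

Key-based masking alone misses credentials that end up inside message strings or URLs, which is why the text patterns run on every string value as well.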
Found something? Email security@maven.dev. We respond within 24 hours and credit researchers in the changelog.