Expert for a paid multi-tenant security audit
Looking for a Supabase security expert for a paid code review engagement.
We have built a multi-tenant SaaS application on Next.js and Supabase. Before we go live with external users, we want an independent senior engineer to audit the security of the platform.
- RLS policies across all tables, all operations
- Cross-tenant data isolation verification
- Service role key handling
- Auth and session security
- Storage bucket and signed URL security
- API route authentication
We would want a written report with findings, severity ratings, and recommendations. Clear verdict on tenant data isolation specifically.
If you have hands-on experience with multi-tenant Supabase applications and RLS in production, please reach out. To help me evaluate fit, tell me what the most common RLS failure modes are in a multi-tenant application.