Protect your Supabase from data leaks
Daily automated scans detect exposed keys, misconfigured tables, sensitive data leaks, and missing RLS policies before they become costly security incidents.
Comprehensive security insights
Every scan checks your entire Supabase configuration for common security vulnerabilities
Exposed Keys Detection
Automatically detects if your anon/service keys and project URLs are exposed in client-side JavaScript bundles.
Public Table Analysis
Identifies all database tables accessible through your public API endpoint, scans for sensitive data like emails, passwords, and credit cards, and flags potential data leaks.
RLS Policy Checks
Alerts when tables are missing Row Level Security policies, leaving your data vulnerable to unauthorized access.
Start monitoring today
Enter your website to receive daily security reports
See what you'll receive
Example security scan report delivered to your inbox
Daily Security Scan Report
Security scan foryourdomain.com
Your anon key and project URL are visible in client-side JavaScript. This allows anyone to access your Supabase API.
The following tables can be queried by anyone with your anon key:
Found sensitive information including email addresses, phone numbers, and credit card data in publicly accessible tables:
3 tables have no RLS policies enabled, allowing unrestricted read/write access:
Simple, transparent pricing
One price. All features included.
Everything you need to secure your Supabase
- Daily automated security scans
- Email alerts with detailed reports
- Exposed key detection
- Public table identification
- Sensitive data detection in exposed tables
- Row Level Security checks
- Instant vulnerability notifications