Blog

Security guides and insights for modern SaaS

Showing 4 posts tagged "rls"Clear
How to Secure a Supabase App Before Launch: Tools That Actually Test It (2026)
Security Guides·6 min read

How to Secure a Supabase App Before Launch: Tools That Actually Test It (2026)

A practical guide to Supabase security tooling — from Supabase's built-in Security Advisor to supabomb and full AI pentesting — based on our research scanning 107 YC startups, 61% of which were exposing data.

Read article
20 Million Rows Exposed: A Supabase Security Study of YC Startups
Research·11 min read

20 Million Rows Exposed: A Supabase Security Study of YC Startups

We scanned 107 Y Combinator startups using Supabase and found alarming security gaps. 28% were exposing PII through misconfigured databases. Here's what we discovered and how to protect your data.

Read more
10 Common Supabase Security Misconfigurations (and How to Fix Them)
Security Guides·9 min read

10 Common Supabase Security Misconfigurations (and How to Fix Them)

Learn how to identify and fix the most dangerous Supabase security misconfigurations that could expose your user data. Includes code examples and remediation steps.

Read more
Introducing Supabomb: Open Source Supabase Penetration Testing
Tools·13 min read

Introducing Supabomb: Open Source Supabase Penetration Testing

Meet Supabomb, our open source CLI for automated security testing of Supabase applications. Discover RLS bypasses, test storage permissions, and find vulnerabilities before attackers do.

Read more