Architecture · Guardrails · API-driven security platform

Exovai is designed for developers who care about security, extensibility, and operational structure.

The platform brings together modular backend services, workspace isolation, role-aware behavior, scan workflows, findings, incident management, and auditability. The engineering direction favors maintainability, controlled execution, and clear extension points over fragile complexity.

Core engineering principles

Exovai is meant to be a clean platform to build on, not a tangled set of security scripts.

Modular services

Separate concerns across scans, workspaces, incidents, members, and results.

RBAC-aware flows

Permissions influence behavior across views, actions, and access paths.

Guardrail-first design

Target validation, SSRF protection, and rate limits are treated as system rules.

Monorepo maintainability

Supports long-term product growth with clearer boundaries and shared platform logic.

Suggested stack direction

The platform is already aligned with a modern full-stack security product shape.

  • Backend: Node / Express for modular API services and structured security workflows.
  • Data layer: Prisma + Postgres for relational consistency, auditability, and clear modeling.
  • Authentication: Firebase Auth with server-enforced role validation and workspace-aware access.
  • Deployment direction: Cloudflare Workers and edge routing for modern delivery and service composition.

Platform flow

A clean operational model makes it easier to reason about product behavior and extend it safely.

  authorized target
  ↓
  controlled scan request
  ↓
  validation + guardrails
  ↓
  findings + artifacts
  ↓
  incident creation
  ↓
  assignment + remediation tracking
  ↓
  audit history + workspace visibility

Developer-facing strengths

Exovai gives engineering teams a better platform shape for security work than isolated scanning utilities.

Clear extension points

New scan modules, integrations, or reporting features can be added without rebuilding everything.

Operational modeling

Findings, incidents, users, and workspaces map naturally to product behavior and data structure.

Safer system behavior

Guardrails live at the platform level, reducing accidental misuse and enforcing product discipline.

Engineering collaboration

This page can be used as the developer-facing entry point for architecture discussion, platform planning, or team contribution alignment.