Features
Comprehensive database security through query whitelisting and bidirectional validation.
Query Validation
Query Whitelist
Define exactly which queries are allowed. All other queries are blocked.
- SQL parsing and normalization
- Parameter placeholder support
- Table and column restrictions
- Query complexity limits
Prepared Statements
Full support for PostgreSQL's Extended Query Protocol.
- Parse/Bind/Execute validation
- Parameter type checking
- Statement caching
Response Validation
Schema Enforcement
Ensure responses match expected structure.
- Column whitelist per query
- Data type validation
- Null constraint enforcement
- Array depth limits
Data Protection
Prevent sensitive data leakage.
- Row count limits
- Column masking
- Result size limits
- Error message sanitization
Security Features
SQL Injection Prevention
Query whitelist approach makes SQL injection impossible. Only pre-approved queries can reach your database.
Complete Audit Logging
Every query and response is logged with full context. Immutable audit trail for compliance and forensics.
TLS Everywhere
TLS encryption for client connections and database connections. Certificate validation supported.
Operational Features
Low Latency
Less than 5ms added latency per query. Optimized Rust implementation with zero-copy where possible.
Monitoring
Prometheus metrics endpoint. Query statistics, latency histograms, error rates.
Hot Reload
Update query whitelist without restart. Zero-downtime configuration changes.