SecureVault — Encrypted File Transfer Portal
Next.jsTypeScriptPostgreSQLRedisWeb Crypto APIDocker
Overview
SecureVault is a self-hosted file transfer platform designed for organizations that handle sensitive data. It provides end-to-end encryption with zero-knowledge architecture — the server never has access to unencrypted file contents.
Key Features
- End-to-End Encryption: Files are encrypted client-side using AES-256-GCM before upload. Encryption keys never leave the sender's browser
- Expiring Links: Shared files can be configured with expiration times, download limits, and password protection
- Audit Logging: Complete audit trail of all file operations for compliance requirements
- SSO Integration: SAML 2.0 and OIDC support for enterprise authentication
- Admin Dashboard: Real-time monitoring of storage usage, active transfers, and user activity
Security Measures
Implements defense-in-depth with TLS 1.3 for transport security, AES-256-GCM for file encryption, Argon2id for password hashing, and CSP headers to prevent XSS. Regular security audits and penetration testing are conducted against the platform.
Impact
Deployed across three organizations handling HIPAA-regulated data. Replaced insecure email attachment workflows and reduced data exposure risk by eliminating persistent file storage on third-party platforms.