Architecture Overview

A high-level view of how Revzio is built, for security reviewers. Detailed design documentation (low-level design, network topology, data-flow diagrams) is available to customers and auditors under NDA — see how to request documents.

flowchart TB
    U[Customer org users<br/>web browser]

    subgraph edge[Edge / Security]
        NX[Reverse proxy<br/>TLS 1.2+ termination]
        CS[Intrusion detection / prevention]
    end

    subgraph app[Application tier · stateless]
        FE[Frontend]
        BE[Backend API]
        WK[Background workers]
    end

    subgraph data[Data tier]
        PG[(Managed PostgreSQL<br/>AES-256 at rest<br/>Row-Level Security)]
        RD[(Queue / cache)]
    end

    U -->|HTTPS| NX --> CS
    NX --> FE
    NX --> BE
    FE --> BE
    BE --> PG
    BE --> RD
    WK --> PG
    BE -.encrypted credentials.-> EXT[External billing / ERP / LLM]
    WK -.scheduled sync.-> EXT

Key properties

  • Single, hardened entry point. All traffic enters through a reverse proxy terminating TLS 1.2+, fronted by intrusion detection/prevention.
  • Multi-tenant isolation. Every tenant's data is isolated by PostgreSQL Row-Level Security scoped to the organization; requests are validated against the authenticated organization.
  • Stateless application tier. The frontend and backend hold no durable state; all state lives in managed PostgreSQL and a queue/cache layer, simplifying recovery and scaling.
  • Encryption everywhere. TLS 1.2+ in transit; AES-256 at rest. Credentials for external systems are stored encrypted (AES-256-GCM) and never exposed to the browser.
  • Controlled integrations. Connections to billing, ERP, and LLM providers are used only for enabled features, on-demand by the API or on schedule by background workers. See Subprocessors.
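
For reviewers, an added illustration of the organization-scoped Row-Level Security pattern named under "Multi-tenant isolation". It is not Revzio's schema or code: the table, column, role and setting names (invoices, organization_id, app_backend, app.current_org_id) and the UUID are hypothetical, and the script assumes it is run by a role allowed to create roles and tables.

```sql
-- Added example. All object names and values below are hypothetical.

-- Application role: not a superuser and without BYPASSRLS, so policies apply.
CREATE ROLE app_backend NOLOGIN NOSUPERUSER NOBYPASSRLS;

CREATE TABLE invoices (
    id              bigserial PRIMARY KEY,
    organization_id uuid   NOT NULL,
    amount_cents    bigint NOT NULL
);

-- ENABLE turns policies on; FORCE also applies them to the table owner,
-- who would otherwise bypass them.
ALTER TABLE invoices ENABLE ROW LEVEL SECURITY;
ALTER TABLE invoices FORCE ROW LEVEL SECURITY;

-- USING filters rows that can be read, updated or deleted.
-- WITH CHECK stops a session from writing rows tagged with another organization.
-- The setting has no default, so an unset value cannot match any row.
CREATE POLICY org_isolation ON invoices
    USING      (organization_id = current_setting('app.current_org_id')::uuid)
    WITH CHECK (organization_id = current_setting('app.current_org_id')::uuid);

GRANT SELECT, INSERT, UPDATE, DELETE ON invoices TO app_backend;
GRANT USAGE ON SEQUENCE invoices_id_seq TO app_backend;

-- Per request, after the backend has authenticated the caller's organization:
-- SET LOCAL and set_config(..., true) last only for this transaction, so a
-- pooled connection does not carry one tenant's context into the next request.
BEGIN;
SET LOCAL ROLE app_backend;
SELECT set_config('app.current_org_id',
                  '11111111-1111-1111-1111-111111111111', true);  -- constructed value
INSERT INTO invoices (organization_id, amount_cents)
VALUES ('11111111-1111-1111-1111-111111111111', 1200);
SELECT id, organization_id, amount_cents FROM invoices;
COMMIT;

-- Checks a reviewer can ask to see: both RLS flags set on every tenant table,
-- a policy present, and the application role unable to bypass RLS.
SELECT relname, relrowsecurity, relforcerowsecurity
FROM pg_class WHERE relname = 'invoices';
SELECT policyname, cmd, qual, with_check
FROM pg_policies WHERE tablename = 'invoices';
SELECT rolname, rolsuper, rolbypassrls
FROM pg_roles WHERE rolname = 'app_backend';
```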

This overview is intentionally high-level. The low-level design, network/deployment topology, and data-flow documentation are shared under NDA.