May 2026
Security + Trust Center: public technical documentation
Dedicated /security page covers multi-tenant isolation, RBAC hierarchy, auth checklist, audit trail, data portability, and incident response — with an SVG isolation diagram. /trust is an operator-friendly hub linking all policy pages with a "Recently shipped" changelog strip.
April 2026
Auth hardening: new-IP alerts, session revocation, rate limiting
Login from a new device? You'll know about it. Brute-force detection, suspicious login alerts via email, and a one-click session revoke link shipped in this round.
Read more
What changed: New-IP detection compares each login against a per-user IP whitelist. First time from a new location triggers an email alert with a signed session-revoke link. Rate limiters on /login, /signup, /otp, and /forgot-password log lockouts to a permanent security event log.
Security events are visible to admins in the God Mode panel.
Want to see it live?
HatchOS is built for freight operations that want to move faster than their competitors.
See it live → Book a Demo