Security

Security controls designed for real-world IT governance

How Overshow protects your data — local-first architecture, encryption, access controls, PII governance and enterprise-grade security.

Local-first architecture | Encryption at rest | PII redaction | Operational controls

Security posture designed for practical enterprise review

Local-first
Core data boundary

Primary activity data stays on endpoint devices unless explicitly configured otherwise.

Built-in
PII redaction

Sensitive patterns can be removed before indexing and event emission.

Configurable
Capture scope control

Window-level rules and pause controls support policy-aligned usage.

Security priorities

What security and IT teams usually assess first

Data residency

Understand where core data is stored, indexed, and processed in default operation.

Identity and access

Validate authentication flows, session lifecycles, device trust, and revocation controls.

Sensitive data controls

Confirm redaction, ignored-window rules, and encryption boundaries meet internal policy.

Operational resilience

Review monitoring, audit logging, and failure-handling behaviour for runtime reliability.

Integration boundaries

Check API exposure, origin controls, and cloud boundary definitions before deployment.

Rollout governance

Align phased adoption with security review gates and measurable acceptance criteria.

Need to map controls to your internal review checklist?

Use the enterprise route for a structured security and rollout conversation with your technical stakeholders.

Security controls

Core controls your IT and security teams will assess first

Local-first storage

Core data is stored locally, not in a shared SaaS database, unless you explicitly configure it.

Encryption and key hygiene

Sensitive data can be encrypted at rest, with modern key derivation and sensible token lifecycles.

PII detection and redaction

Redact emails, phone numbers, cards, and keys before anything enters indexes.

Window ignoring and scope controls

Suppress sensitive apps and define capture scope per window and per monitor.

Security, Privacy and Control

Overshow is a local-first recording and intelligence platform that keeps sensitive activity data on your own machines, protected with modern encryption and strong access controls. It is designed for IT teams that need observability and AI-powered search without sending raw screens, audio or transcripts to third-party clouds.


Data Protection and Encryption

Local-first architecture

  • All core data — video, audio, OCR text and metadata — is stored on local disks, not in a shared SaaS database, unless you explicitly configure cloud services.
  • A local SQLite database with FTS5 and vector extensions underpins search and analytics, so powerful querying stays inside your security boundary.

Encryption at rest

  • Sensitive structured data, including OCR text and audio transcriptions, is encrypted using ChaCha20-Poly1305 with keys derived from a passphrase via Argon2.
  • Video files are encrypted in 64KB chunks with ChaCha20-Poly1305, allowing secure storage and efficient streaming without decrypting entire files at once.
  • Selective encryption lets you encrypt high-risk fields while keeping non-sensitive metadata and FTS indexes in plaintext for performance.
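
The chunked scheme described above, as an added example that is not Overshow's code and needs the third-party `cryptography` package. The nonce layout, the chunk index and final-chunk flag in the associated data, and all function names are assumptions; the caller supplies the 32-byte key that the page derives with Argon2.

```python
import os
import struct
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305

CHUNK = 64 * 1024  # 64KB plaintext chunks, the size the page states


def _nonce(prefix: bytes, index: int) -> bytes:
    # Assumed layout: 8-byte random per-file prefix + 4-byte chunk counter = 12 bytes
    return prefix + struct.pack(">I", index)


def _aad(index: int, is_last: bool) -> bytes:
    # Binding position and a final-chunk flag makes reordering and truncation fail
    return struct.pack(">IB", index, int(is_last))


def encrypt_chunks(key: bytes, data: bytes):
    """Return (nonce_prefix, sealed_chunks); each chunk carries its own 16-byte tag."""
    aead, prefix = ChaCha20Poly1305(key), os.urandom(8)
    pieces = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)] or [b""]
    last = len(pieces) - 1
    sealed = [aead.encrypt(_nonce(prefix, i), p, _aad(i, i == last))
              for i, p in enumerate(pieces)]
    return prefix, sealed


def decrypt_chunk(key, prefix, sealed, index: int) -> bytes:
    """Decrypt one chunk for streaming or seeking; raises InvalidTag on tampering."""
    aad = _aad(index, index == len(sealed) - 1)
    return ChaCha20Poly1305(key).decrypt(_nonce(prefix, index), sealed[index], aad)


def decrypt_all(key, prefix, sealed) -> bytes:
    return b"".join(decrypt_chunk(key, prefix, sealed, i) for i in range(len(sealed)))


def is_intact(key, prefix, sealed) -> bool:
    try:
        decrypt_all(key, prefix, sealed)
        return True
    except InvalidTag:
        return False
```

Per-chunk tags allow a player to seek to any chunk and decrypt only that 64KB; without the index and final flag in the associated data, swapped or dropped chunks would still authenticate individually.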

Key handling and password hygiene

  • Passphrases are processed through Argon2 key derivation, hardening stored keys against brute-force attacks.
  • Built-in passphrase generation and strength validation (with entropy scoring) support enforceable, practical credential policies.

Identity, Access and Session Security

Authentication and device trust

  • Passwordless magic-link authentication issues HMAC-signed tokens with a 15-minute expiry, reducing exposure if mailboxes are compromised.
  • OIDC authentication with Google and Microsoft Entra ID uses PKCE flows and multi-tenant Entra support, so you can reuse existing identity and MFA policies.
  • Desktop clients register as devices against a user account, with labels and timestamps for full device provenance.
  • Device revocation and a single-active-device-per-user constraint prevent silent duplication of recording endpoints.

Sessions and token lifecycle

  • Web sessions are token-based, with SHA-256 hashed tokens and configurable expiry to align with your own standards.
  • One-time exchange codes with five-minute expiry support secure desktop-to-web authentication hand-off, reducing password entry across endpoints.
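
A sketch of the token handling the two lists above describe (HMAC-signed magic links with a 15-minute expiry, and session tokens stored as SHA-256 hashes), added here as an example and not Overshow's implementation. The token layout (`email|expiry|nonce` plus HMAC-SHA256), the in-memory `SessionStore` and all names are assumptions.

```python
import base64
import hashlib
import hmac
import secrets

MAGIC_LINK_TTL = 15 * 60  # 15-minute expiry, as stated on the page


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_magic_link(key: bytes, email: str, now: float) -> str:
    """Token = b64(email|expiry|nonce) + "." + b64(HMAC-SHA256 over that payload)."""
    payload = f"{email}|{int(now) + MAGIC_LINK_TTL}|{secrets.token_hex(8)}".encode()
    return _b64(payload) + "." + _b64(hmac.new(key, payload, hashlib.sha256).digest())


def verify_magic_link(key: bytes, token: str, now: float):
    """Return the email for a correctly signed, unexpired token, else None."""
    try:
        body, sig = token.split(".")
        payload, given = _unb64(body), _unb64(sig)
    except ValueError:  # wrong shape or bad base64
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time comparison
        return None
    email, expires, _ = payload.decode().rsplit("|", 2)
    return email if now < int(expires) else None  # expiry read only after the MAC


class SessionStore:
    """Holds SHA-256(token) only, so a leaked session table yields no usable tokens."""
    def __init__(self, ttl: int):
        self.ttl, self.rows = ttl, {}

    def create(self, user: str, now: float) -> str:
        token = secrets.token_urlsafe(32)  # high-entropy, so a plain hash suffices
        self.rows[hashlib.sha256(token.encode()).hexdigest()] = (user, now + self.ttl)
        return token

    def lookup(self, token: str, now: float):
        row = self.rows.get(hashlib.sha256(token.encode()).hexdigest())
        return row[0] if row and now < row[1] else None
```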

Privacy Controls and PII Governance

Local AI, explicit cloud consent

  • Embedded Llama 3.2 models and BGE-small embeddings run directly on user machines, so chat and semantic search do not require external LLM APIs by default.
  • Cloud assistant integrations via Model Context Protocol (e.g. Claude Desktop, Cursor) require explicit user consent and default to local-first access.

PII detection and redaction

  • Built-in PII removal can redact emails, phone numbers, credit cards, SSNs and API keys from OCR text, and optionally from real-time audio events, before data enters search indices.
  • PII severity levels (High, Medium, Low) let you tune detection to your organisation's risk posture.
  • Custom regex patterns and domain whitelisting mean you can preserve trusted corporate identifiers (such as internal email domains) while aggressively stripping high-risk data.
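
One way the redaction pass described above could be structured, with severity thresholds, a domain allowlist and custom patterns; this is an added example, not Overshow's own rules. The regexes, the severity assigned to each rule, the `sk_`/`pk_` key format and the sample text are all constructed for illustration.

```python
import re

SEVERITY = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}

# Constructed rules and severities for illustration, not Overshow's own patterns
RULES = [
    ("CARD", "HIGH", re.compile(r"\b\d(?:[ -]?\d){12,18}\b")),
    ("SSN", "HIGH", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("API_KEY", "HIGH", re.compile(r"\b(?:sk|pk)_[A-Za-z0-9]{16,}\b")),
    ("EMAIL", "MEDIUM", re.compile(r"\b[\w.+-]+@([\w-]+(?:\.[\w-]+)+)\b")),
    ("PHONE", "LOW", re.compile(
        r"(?<![\w-])\+?\d{1,3}[ -]\d{2,4}[ -]\d{3,4}(?:[ -]\d{3,4})?(?![\w-])")),
]

# Constructed sample of OCR text
SAMPLE = ("Mail bob@gmail.com or alice@corp.example, card 4111 1111 1111 1111, "
          "SSN 123-45-6789, ref 1234 5678 9012 3456, tel +1 415 555 0100, EMP-004211")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to skip long digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def redact(text, min_severity="LOW", allow_domains=(), custom=()):
    """Apply built-in rules at or above min_severity, then custom (label, regex) rules."""
    allowed = {d.lower() for d in allow_domains}
    for label, level, pattern in RULES:
        if SEVERITY[level] < SEVERITY[min_severity]:
            continue

        def repl(m, label=label):
            if label == "CARD" and not luhn_ok(re.sub(r"\D", "", m.group())):
                return m.group()  # fails Luhn: leave the reference number alone
            if label == "EMAIL" and m.group(1).lower() in allowed:
                return m.group()  # trusted corporate domain is preserved
            return f"[{label}]"

        text = pattern.sub(repl, text)
    for label, regex in custom:
        text = re.sub(regex, f"[{label}]", text)
    return text
```

Rule order matters: the card and SSN rules run before the looser phone rule so that a digit run is labelled by its most specific match.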

Data minimisation in recording

  • Window ignoring and pattern-based exclusion rules allow automatic suppression of sensitive applications like HR, payroll or password managers.
  • Per-window, multi-monitor and unfocused-window controls give precise scope over what is captured in any given environment.

Operational Security and Governance

Audit, monitoring and compliance support

  • Security-relevant actions and IP addresses are logged in a cloud PostgreSQL schema for audit and incident response.
  • Health check endpoints for the API, web portal and database make it straightforward to plug Overshow into existing monitoring and alerting.
  • The desktop application performs continuous health checks on audio, video and database components, restarting on failures to minimise blind spots.

Abuse protection and admin boundaries

  • PostgreSQL-backed API rate limiting uses a bucketed window strategy, with controlled fail-open behaviour if limits cannot be enforced.
  • Admin-only operations such as user search and feedback management are exposed through OAuth-protected routes in the operations dashboard.

Secure delivery and runtime hardening

  • Desktop binaries are code-signed (Apple code signing on macOS, Authenticode on Windows) and macOS builds are notarised for Gatekeeper compatibility.
  • Automatic updates are distributed via a hardened CDN and packaged as OS-native installers (DMG/PKG, MSI/EXE) to simplify patch rollout.
  • A resource monitor tracks CPU and memory usage every 30 seconds, and auto-destruct plus PID-watching patterns prevent orphan processes.

Secure Integration and API Surface

Controlled API exposure

  • A REST API on a configurable port, with an OpenAPI specification, makes it easy to position Overshow behind existing API gateways or WAFs.
  • WebSocket endpoints provide real-time frame streaming, events and health checks, suitable for secure internal integration.
  • CORS support is enabled by default and can be restricted in deployment to match your organisation's origin policies.

Cloud boundaries by design

  • A dedicated cloud PostgreSQL schema (Neon) is used for authentication, billing and entitlements rather than raw activity content, reducing the blast radius of any cloud-side issue.
  • Stripe integration for subscriptions uses idempotent webhook handling with failure tracking for predictable billing operations.

Secure AI and Search

  • Full-text, keyword and semantic search operate against local SQLite and vector stores, avoiding external search services.
  • Voice activity detection, speaker diarisation and identification rely on local models (Silero VAD, PyAnnote, Whisper) so meeting analytics remain inside your perimeter.
  • OpenAI-compatible chat and embeddings endpoints let you integrate Overshow with existing AI tooling while keeping data residency under your control.

Built for IT and Security Teams

Overshow combines endpoint-level observability with enterprise-grade privacy, encryption and access controls. It supports environments where regulatory, contractual or internal risk constraints prohibit uncontrolled screen and audio data from leaving the organisation.