The Audit Builder traffic goes through Cloudflare with WAF (Web Application Firewall) enabled. The application runs in Kubernetes, wherein the Ingress controller ModSecurity is enabled. Containers run under a non-root user and network policies are applied everywhere. The Audit Builder project includes a cluster with multiple databases for the clients, each running on a virtual machine, without external access. Databases can be accessed only from the Audit Builder application. Each database is backed up and stored separately. All credentials are stored in the Vault. Access rights are allocated according to the role model.