Enterprise-Grade Isolation: Dedicated Infrastructure for Your QA
Per-org Railway provisioning - dedicated PostgreSQL, server, and runner. True physical isolation, not tenant_id. Here is what dedicated infrastructure actually means.
In most SaaS applications, "your data" is a row in a shared table with a tenant_id column. A developer forgets one WHERE clause and suddenly your customer list is visible to someone else's account. This is not theoretical - it has happened at major SaaS vendors, repeatedly, including ones whose entire marketing is "enterprise-grade security." A shared database is a single misconfiguration away from a data leak, no matter how many audit certifications the vendor has framed on the wall.
Validate.QA Enterprise takes a different approach. Every enterprise organization gets its own dedicated infrastructure - a separate PostgreSQL database, a separate server instance, a separate cloud runner - provisioned on Railway and isolated at the network and process level. There is no shared table to forget. There is no tenant_id column to misquery. Your data lives on servers that only your organization talks to. If those servers go down, only your organization is affected. If those servers are compromised, the blast radius stops at your organization.
This post explains what "dedicated infrastructure" actually means in practice - what gets provisioned, how the isolation is enforced, how the platform-server (port 3002) orchestrates org lifecycle, and why this matters for compliance and security. Not marketing copy. Architecture.
The Two-Layer Architecture
Validate.QA is built as two distinct layers that communicate only over well-defined APIs. The platform layer is the control plane. It runs on its own server (port 3002 internally), has its own database called talk2test_platform, and does exactly three things: manages organization lifecycle (signup, plan changes, cancellation), provisions and monitors Railway infrastructure per org, and exposes an admin dashboard for our team to operate the service. The platform layer never sees your test data. It does not store your screenshots. It does not hold your tests. It only knows that your organization exists, which Railway project is assigned to it, and how healthy that project is.
Topics: Enterprise, Security, Compliance, Infrastructure.
Read the full article · Get Started Free