
Enterprise-Grade Security

TOTP two-factor authentication, AES-256-GCM customer-level encryption, AWS infrastructure with WAF protection, multi-tenant data isolation, REST API v1, subscription management, and comprehensive audit trails — built for organisations that demand the highest security standards.

  • AES-256: GCM Encryption
  • 22+: Multi-Tenant Isolation
  • WAF: AWS Protection
  • v1: REST API

Authentication & 2FA

Multi-Layered Authentication for Every User

Session-based web authentication with secure cross-domain handoff, TOTP two-factor authentication compatible with Google Authenticator and Authy, biometric login on mobile, and trusted device management. Enforced 2FA for admin and owner roles.

  • TOTP (RFC 6238) with 8 bcrypt-hashed backup codes
  • Face ID and Touch ID biometric login on iOS/Android
  • Trusted device remember-me with individual revocation
  • Redis-based rate limiting: 10 login attempts per 15 minutes
Customer-Level Encryption

Your Data. Your Encryption Key.

Every company gets a dedicated AWS KMS encryption key. Documents are encrypted with AES-256-GCM using envelope encryption — transparent on upload, decrypted on download. Emergency key controls let you disable access instantly.

  • AWS KMS customer-managed keys, one per company
  • Licences, certificates, qualifications, IDs, and signatures encrypted
  • Emergency key disable/re-enable capability
  • Full audit logging of all encryption operations
Multi-Tenant Data Isolation

Complete Data Isolation Between Companies

Every database table includes a company_id column and every query filters by it. 22+ tables are scoped at the data layer with guard clauses that return 403 if no company context is available. Cross-company access is blocked at every endpoint.

  • Assets, employees, users, inspections, checklists, timesheets, jobs
  • Image proxy validates company ownership before serving files
  • IDOR protection: cross-company file access blocked via ownership JOIN
  • API v1 endpoints enforce company_id scoping on every request
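
The guard clause and ownership JOIN described above, as an added sketch that is not the platform's own code. The schema, the sample rows and the names `require_company`, `list_assets` and `get_file_path` are assumptions made for illustration, and SQLite stands in for the production database.

```python
import sqlite3

class Forbidden(Exception):
    """Maps to an HTTP 403 response in a web handler."""
    status = 403

def make_db():
    # Constructed sample data: two companies, one asset and one file each.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE assets (id INTEGER PRIMARY KEY,
                             company_id INTEGER NOT NULL, name TEXT);
        CREATE TABLE files  (id INTEGER PRIMARY KEY,
                             asset_id INTEGER NOT NULL, path TEXT);
        INSERT INTO assets VALUES (1, 10, 'Excavator'), (2, 20, 'Forklift');
        INSERT INTO files  VALUES (100, 1, 'c10/licence.pdf'),
                                  (200, 2, 'c20/cert.pdf');
    """)
    return db

def require_company(session):
    # Guard clause: without a company context no query is run at all.
    company_id = session.get("company_id")
    if not isinstance(company_id, int):
        raise Forbidden("no company context")
    return company_id

def list_assets(db, session):
    # Every read is filtered by the caller's company_id, bound as a parameter.
    company_id = require_company(session)
    return db.execute(
        "SELECT id, name FROM assets WHERE company_id = ? ORDER BY id",
        (company_id,)).fetchall()

def get_file_path(db, session, file_id):
    # Ownership JOIN: in this assumed schema a file's owner is resolved
    # through its asset row. A file id belonging to another company matches
    # no row, so it is refused exactly like an id that does not exist.
    company_id = require_company(session)
    row = db.execute(
        "SELECT f.path FROM files f "
        "JOIN assets a ON a.id = f.asset_id "
        "WHERE f.id = ? AND a.company_id = ?",
        (file_id, company_id)).fetchone()
    if row is None:
        raise Forbidden("file not available to this company")
    return row[0]
```
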
AWS Infrastructure

Production-Grade Cloud Infrastructure

Built on AWS with ECS Fargate, RDS MySQL with Multi-AZ, S3 with cross-region replication, WAF protection, CloudWatch monitoring, and Secrets Manager — all managed via Terraform.

ECS Fargate

2 tasks, 512 CPU / 1024 MB each with PHP 8.2-FPM + Nginx containers

RDS MySQL 8.0

Multi-AZ deployment with 35-day backup retention, PITR, and encrypted storage

S3 Storage

Versioned with Glacier lifecycle, KMS encryption, and cross-region DR replication

AWS WAF

Common rules, SQLi protection, IP reputation, bad inputs, 2000 req/5min rate limit

CloudWatch

Alarms for RDS CPU/storage, ECS CPU/memory, ALB 5xx errors, and billing thresholds

Secrets Manager

All credentials via AWS Secrets Manager, injected through ECS task definitions

Health Checks

ALB pings /api/health.php every 15s with circuit breaker rollback on failure

Terraform & CI/CD

Infrastructure as Code with GitHub Actions: syntax check, audit, build, deploy, rollback

Security Headers

HSTS, Content-Security-Policy, and Permissions-Policy headers enforced on all responses

Subscription & Billing

Flexible Plans with Self-Service Billing

Choose from Basic, Standard, Premium, or build a Custom plan with interactive sliders. Manage everything from within the platform — update payment cards via Stripe Elements, view invoices from Zoho, change or cancel plans with one click.

  • Basic (£25.99/mo), Standard (£52.99/mo), Premium (£105.99/mo), Custom — all ex VAT
  • Custom plan builder with tiered volume discounts
  • Zoho Subscriptions with full webhook lifecycle management
  • Quota enforcement at every entity creation point
REST API v1

Integrate with Any System via API

The versioned REST API v1 provides programmatic access to assets, employees, timesheets, and reports. Authenticate with scoped API keys, filter with pagination and search, and receive standardised JSON responses with error handling.

  • Assets, employees, timesheets, and reports endpoints
  • Per-key scopes: assets:read, employees:read, timesheets:read, reports:read
  • SHA-256 hashed storage with configurable rate limits and expiry
  • Self-documenting reference at /api/v1/docs.php
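
One way to check a scoped API key against SHA-256 hashed storage with expiry, as an added example that is not the platform's own code. The key format, the in-memory `KEY_STORE` and the functions `issue_key` and `authorize` are assumptions; rate limiting is left out.

```python
import hashlib
import hmac
import secrets
from datetime import datetime, timedelta, timezone

KEY_STORE = {}  # key_id -> record; stands in for a database table (assumed)

def issue_key(company_id, scopes, ttl_days):
    # The plaintext key is shown to the caller once. Only its SHA-256 digest
    # is stored, so a leaked table does not yield usable keys. An unsalted
    # fast hash is acceptable here because the secret is 256 random bits,
    # unlike a human-chosen password.
    key_id = secrets.token_hex(4)
    secret = secrets.token_urlsafe(32)
    KEY_STORE[key_id] = {
        "digest": hashlib.sha256(secret.encode()).hexdigest(),
        "company_id": company_id,
        "scopes": frozenset(scopes),
        "expires_at": datetime.now(timezone.utc) + timedelta(days=ttl_days),
    }
    return f"{key_id}.{secret}"

def authorize(presented, required_scope, now=None):
    """Return (status, company_id): 200 on success, else 401 or 403."""
    now = now or datetime.now(timezone.utc)
    key_id, _, secret = presented.partition(".")
    record = KEY_STORE.get(key_id)
    if record is None:
        return 401, None
    digest = hashlib.sha256(secret.encode()).hexdigest()
    # Constant-time comparison avoids leaking digest prefixes through timing.
    if not hmac.compare_digest(digest, record["digest"]):
        return 401, None
    if now >= record["expires_at"]:
        return 401, None
    # A valid key without the scope is authenticated but not authorised.
    if required_scope not in record["scopes"]:
        return 403, None
    return 200, record["company_id"]
```
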
Soft Delete & Audit Trail

Nothing Is Lost. Everything Is Logged.

Major entities use soft delete with deleted_at and deleted_by columns — data is never permanently destroyed. The enhanced audit log captures every action with user identity, company context, user agent, and detailed change descriptions.

  • Soft delete on jobs, parts, departments, templates, invoices
  • Invoice deletion reverses all side-effects automatically
  • Nightly database backups to S3 with KMS encryption
  • 30-day daily + 52-week weekly retention with cross-region DR
Automated Tasks

Set It and Forget It

Scheduled cron jobs handle critical recurring tasks automatically. Registration expiry alerts go out daily via email, SMS, and in-app notifications. Reward deductions for missed post-stop checklists run at midnight. Database backups happen nightly.

  • Registration expiry check: daily at 7am AEST
  • Rewards missed post-stop: daily at 12:30am AEST
  • Nightly mysqldump to S3 with KMS encryption
  • Alerts via email, SMS, and in-app notifications

Ready for Enterprise-Grade Asset Management?

Start your 30-day free trial and experience the security, reliability, and scalability your organisation demands.