Infrastructure transparency

How Certified Coach is built

Trust is our product. That starts with the infrastructure the platform runs on. Here is a plain-language explanation of every moving part — what it does, why we chose it, and what it means for you.

Six guarantees

These are the properties we engineer for — not aspirational statements, but verifiable characteristics of the platform.

Always available

The platform is hosted on Vercel, a global infrastructure provider trusted by companies including Linear, Lattice, and The Washington Post. Your data and coach profiles are served from the server nearest to you — no single point of failure.

Your data is safe

All data is stored in Neon, a managed PostgreSQL database with automatic backups and point-in-time recovery. Credentials are encrypted at rest. We maintain separate, isolated databases for development and production — test data never touches real records.

Security is automated

Every code change is automatically scanned for security vulnerabilities using GitHub CodeQL — the same tool used by NASA, Google, and Microsoft open-source projects. Known vulnerable dependencies are flagged and patched within days of discovery.

Nothing broken ships

Before any change reaches the live platform, it passes through an automated quality pipeline: code style checks, type safety verification, and a full test suite. A change that fails any of these checks cannot be deployed — period.

Zero-downtime updates

Deployments are atomic. When we release an update, a new version is prepared and tested in parallel. The switch happens in milliseconds. If anything goes wrong, we roll back to the previous version automatically.

Every change is reviewed

No code goes directly to the live platform. Every change goes through a branch, gets a dedicated preview URL for review, and is approved before deployment. This gives us a complete audit trail of every decision.

What happens when we ship an update

Every change to the platform goes through this pipeline. No step can be skipped.

Step 1: Code written
Engineer writes a change on a private branch — isolated from the live platform

Step 2: Tests run
Automated checks run: code quality, type safety, security scan, full test suite

Step 3: Preview created
A full copy of the site is deployed to a private URL for human review

Step 4: Approved
Change is reviewed and approved — only then can it proceed

Step 5: Live
Deployed atomically to production in under 60 seconds with zero downtime

The services we use

We do not build infrastructure we do not need to. We use best-in-class managed services, each chosen for reliability and trust pedigree.

Vercel: Web hosting
Runs the website and serves it to you. Every code change gets its own private preview link before it goes live — so we can check it looks right first.
Used by Linear, Prisma, and Vercel itself.

Neon: Database
Stores all platform data — coaches, certificates, academies. Uses PostgreSQL, the most trusted open-source database in the world. Automatic daily backups.
Postgres has been the world's most reliable open-source database for 30+ years.

GitHub: Source of truth
Every line of code, every decision, every bug fix is tracked here. Nothing changes without a recorded reason. The full history of the platform is auditable.
Used by 100M+ developers. Your platform's source code is version-controlled with a complete change history.

GitHub Actions: Automated testing & deployment
Runs our full test suite and security scans automatically on every change. Acts as an impartial gatekeeper — if tests fail, the change cannot proceed.
Industry-standard CI/CD. No human can accidentally skip it.

CodeQL: Security scanning
Reads every line of code looking for known security patterns — SQL injection, data leaks, authentication flaws. Runs automatically. Findings are addressed before deployment.
Built by GitHub, used by Microsoft, Google, and thousands of enterprise teams.

Dependabot: Dependency patching
Monitors every software library we depend on. When a security fix is published, it automatically raises a patch for our codebase — we don't have to remember to check.
Ensures we're never running known-vulnerable libraries in production.

Open by default

The source code for this platform is auditable. Every architectural decision is documented. Every change is traceable. We believe that trust cannot be claimed — only demonstrated.

Questions about our infrastructure or security posture? Contact us at martin@certified-coach.com