Security & trust
Built so both sides can trust the work.
A marketplace only works if builders trust the feedback and testers trust they’ll be paid. Here’s what keeps herdtest safe on both sides.
Signed NDAs
Sessions can require a non-disclosure agreement before the room unlocks. The exact terms a tester agrees to are captured and frozen for the record — even if the terms change later.
Escrow payments
When a builder accepts a tester, the session fee is held in escrow and only released when the session is completed — or refunded if the spot is cancelled. Testers know they’ll be paid; builders only pay for finished work.
Two-way reputation
Builders and testers rate each other after every completed session, so quality compounds and bad actors surface fast.
Access controls
Only a session’s builder and its accepted testers can enter the live room, and only the two parties to a thread can read their messages. Every action is authorized on the server.
Hardened by design
Sessions are protected against forged requests (CSRF), a strict content-security-policy blocks injected scripts, cookies are httpOnly and same-site, and passwords are hashed with bcrypt.
Verified people
Testing is done by real, profiled testers — not anonymous panels — so the feedback comes with context you can act on.
Found a security issue? We’d love to hear from you — get in touch.