Security
AWS Infrastructure
All our services are hosted on AWS infrastructure.
Isolated Services
All our instances have different credentials and Password logins are disabled. We create additional layer of isolation by running our services inside containers.
Virtual Private Cloud (VPC)
Our services running on private networks. They cannot be accessed from public internet.
Network
Communication over TLS and HTTPS
Our public endpoints can be accessed only through a securely encrypted HTTPS. We support only modern ciphers and TLS v1.2 and above. Our services use a trusted Cerficate Authority and get TLS Certificate Rating A+ from Quallys SSL Labs
Firewalls
No part of our services are arbitarily exposed to internet
Encryption
Private Key Protection
Our private keys are protected by Hardware Security Modules (HSMs) with FIPS-140-2 security standards by NIST. They are never exposed, not even to our internal services.
Protected Passwords
Your password is never stored as a plaintext in our database. We use secure, modern hashing functions to hide your password. Even we don't have access to your password.
Encrypted Disks
The storage devices running our server instances are always encrypted by default
DevSecOps Principles
Security Analysis Tools
We utilize security analysis tools for code analysis and dependency vulnerabilities.
Service Health Monitoring
We use variety of tools for monitoring the health status of our services to make sure all our services up and running.
Automated Tests
We are constantly working on improving our services and building new feature. Rapid development comes with a risk of unintentionally breaking already working parts of the application. We prevent this by having a good test coverage in our development.
Automated & Multi-Step Deployments
We use automated CI/CD pipelines when releasing new updates on our services. Latest version reaches to users on our production servers, only after we make sure everything works as they should. Pipeline environments are Testing > Staging > Production.
Last updated