All our services are hosted on AWS infrastructure.
All our instances have different credentials, and password logins are disabled. We create an additional layer of isolation by running our services inside containers.
Our services run on private networks. They cannot be accessed from the public internet.
Our public endpoints can be accessed only over encrypted HTTPS. We support only modern ciphers and TLS v1.2 and above. Our services use a trusted Certificate Authority and receive a TLS Certificate Rating of A+ from Qualys SSL Labs.
No part of our services is arbitrarily exposed to the internet.
Our private keys are protected by Hardware Security Modules (HSMs) that meet the FIPS 140-2 security standard from NIST. They are never exposed, not even to our internal services.
Your password is never stored as plaintext in our database. We use secure, modern hashing functions to hide your password. Even we don't have access to your password.
The storage devices used by our server instances are always encrypted by default.
We use security analysis tools to analyze our code and to detect dependency vulnerabilities.
We use a variety of tools to monitor the health of our services and make sure they are all up and running.
We are constantly working on improving our services and building new features. Rapid development comes with a risk of unintentionally breaking parts of the application that already work. We prevent this by maintaining good test coverage in our development.
We use automated CI/CD pipelines when releasing updates to our services. The latest version reaches users on our production servers only after we make sure everything works as it should. Pipeline environments are Testing > Staging > Production.