Security Practices

As of November 1st, 2023

Data Security

  • All our components are hosted within a secure VPC and data is encrypted at rest with AWS KMS using AES-256. Furthermore, we employ TLS 1.2 or higher for encryption in transit.

  • Our application secrets are also securely encrypted at rest with KMS and AES-256.

Product Security

  • implements regular penetration testing and conducts vulnerability scanning at crucial stages of our Secure Development Lifecycle (SDLC).

  • Our security strategies include both black-box and grey-box testing during penetration testing.

  • We utilize various methods to ensure the security of our system, including Static analysis, Software composition analysis, Malicious dependency scanning, Dynamic analysis, and Network vulnerability scanning.

Access Management

  • We leverage reputed SSO services for securing our identity and access management.

  • Access to applications is role-based and is automatically revoked upon the end of employment.

  • Any further access must comply with the policies set for each application.

Data Protection

  • We guarantee that all customer data is encrypted both at rest and during transit.

  • AWS Key Management System (KMS) is responsible for managing our encryption keys.

Security Education

  • Comprehensive security training is provided to all employees during their onboarding process and is refreshed annually through educational modules within our platform.

  • Our team shares regular threat briefings in communication channels to keep them informed of important security updates.

Vendor Security

  • We ensure secure remote access to internal resources using WireGuard.

  • To provide an additional layer of protection, we also use malware-blocking DNS servers to safeguard employees and their endpoints while browsing the internet.

Last updated