Security
Application Security
We follow best practices of modern web browser security by supporting HTTP strict transport security protocols (HSTS) and a content security policy (CSP).
All traffic is encrypted in transit via TLS 1.3.
All application data is encrypted at rest with AES 256-GCM.
Application Security
Non-critical operations leverage cloud infrastructure that has undergone SOC 2 type examination.
We use Google cloud DDOS detection and traffic filters to guard against denial of service attacks.
Security sensitive services are physically isolated on separate machines to defend against Specter class vulnerabilities.
We’ve built an integrated monitoring system to automatically detect, alert and mitigate potential attacks.
We use Google cloud DDOS detection and traffic filters to guard against denial of service attacks.
Security sensitive services are physically isolated on separate machines to defend against Specter class vulnerabilities.
We’ve built an integrated monitoring system to automatically detect, alert and mitigate potential attacks.