Distributed Denial of Service (DDoS) mitigation services powered by industry-leading solutions
Firewall and VPN services to help block unauthorized system access
User data is stored and encrypted on a network not connected to the internet.
Systems access logged and tracked for auditing purposes
All changes to user accounts are logged for auditing
Regular, off-premise, multi-region, backups.
User data is soft-deleted to protect from user mistakes. Data is permanently deleted when the account is scheduled for deletion.
All software dependencies are kept up to date and are patched on a regular basis.
Stable system updates and security patches are applied at the hardware level when they are released.
All user data is served over HTTPS with TLS 1.2 and TLS 1.3.
Two factor authentication is available for extra security.
All passwords are salted and encrypted.
Requests to authorize users in our system are rate limited to protect from malicious traffic.
Tester identifying data is stored separately from their responses to preserve their anonymity.
We do not store credit card data. All of our payments are processed by Stripe, a company dedicated to PCI-Compliance: https://stripe.com/docs/security/stripe