API Security
The following are a few of the mechanisms and procedures we employ in our Bridge API to keep it secure.
All sensitive operations are performed in a secure, non-internet facing compute layer.
We allow 2 active keys at once so integrators can rotate their keys inline with their corporate policies with zero down time.
We have proactive monitoring across the infrastructure.
A Web Application Firewall helps prevent DDoS attacks and detects common attacks such as SQL injection attempts and brute force attempts.
Audit logs are stored in a separate, private subnet with no inbound internet access.
We use HTTPS (TLS) for encryption in transfit and AES-256 for encryption at rest.
Regular 3rd party security audits are performed against the Bridge.