Compliance

This page describes our information security posture and compliance.

Infrastructure

All our infrastructure is hosted on Azure which is certified for SOC 3, ISO 27001, FedRAMP and many other standards.

Security monitoring is performed by Azure Defender.

Engineering

Code is developed in a secure manner. A partial list of secure coding techniques used includes:

• Static and dynamic code analysis using multiple tools
• Weekly check of published CVEs
• Monitoring of code stability in production
• Digital signing of production code to prevent tampering
• Penetration testing