Security

At X-Gateway, we’ve taken the following steps to ensure the highest industry standards of security for our products and services:

  1. Data Encryption: We encrypt all our data both at rest (database encryption) and in transit (TLS/SSL). In addition, we store sensitive data, such as wallet credentials, in a dedicated secrets store, HashiCorp Vault.

  2. Authentication and Authorization: Our multi-factor authentication (MFA) and role-based access control (RBAC) ensure secure access for authorized users.

  3. Input Validation: We sanitize and validate all user inputs to prevent injection attacks like SQL injection and Cross-Site Scripting (XSS).

  4. OWASP Top Ten: Performing penetration tests to address the OWASP Top Ten risks is a regular practice for us, safeguarding against common security threats.

  5. Regular Audits: Conducting routine security audits is a key part of our strategy, validating the effectiveness of our security measures.

  6. Regular Patching and Updates: We consistently keep our dependencies up-to-date with the latest security patches to prevent vulnerabilities.

  7. Secure Development Lifecycle: Our development team adheres to secure coding practices, conducts regular code reviews, and employs advanced analysis tools.

  8. API Security: Robust authentication and proper input validation ensure the security of our APIs.

  9. Logging and Monitoring: We employ comprehensive logging and monitoring, promptly responding to any potential security incidents.

  10. Secure Network Configuration: Our services and databases run in private subnets and are therefore not reachable from the broader internet by design. All outbound communication goes through NAT gateways, and all inbound traffic is securely routed through load balancers.

  11. Incident Response Plan: A well-defined incident response plan guides our actions in case of a security breach, minimizing potential impact.

  12. Employee Training: Our team is well-trained in security best practices and adept at recognizing and responding to social engineering threats.
