Certifications and compliance
- SOC 2 Type II certification validating security, availability, and confidentiality controls (report available upon request).
Data encryption
- In transit: TLS 1.2+ for all API communications.
- At rest: AES-256 for any stored data.
- Key management: Enterprise key management services with strict access controls.
Infrastructure security
- Cloud infrastructure: Hosted on enterprise-grade cloud platforms.
- Network security: VPC segregation, network segmentation via security groups and ACLs, multi-layer firewalls, DDoS protection, and no public database endpoints.
- Hardening: Baseline configurations, timely patching, and least-privilege service roles.
Privileged access management
Privileged and administrative access requires multi‑factor authentication with strict role‑based access control.
All privileged access is logged, continuously monitored, and regularly reviewed.
Access follows least‑privilege principles with just‑in‑time elevation where applicable.
Vulnerability management and secure development
Independent scans (Bastion Technologies) with tracked remediation.
Independent assessors validate controls and exploit paths.
Automated threat detection and alerting across infrastructure and apps.
Defined timelines by severity for fast, predictable fixes.
Design reviews, code scanning, dependency checks, and secure API patterns.
Regular training to maintain security awareness and best practices.
Malware and threat prevention (crawling safeguards)
Blocks malware, phishing, and malicious sources before indexing or serving.
Ranking protects against sensitive and prohibited content exposure.
High‑risk sites are automatically blocked.
Control results via the
ExcludeDomains API parameter.Respect for
robots.txt; no circumvention of CAPTCHAs or access controls.