Our customers’ data protected
Our mission is to help disrupt financially motivated cybercrime and as such, we practice what we preach in terms of cybersecurity. Protecting the data of victims and partners is, therefore, a key objective. Outlined below are the systems and processes we use to achieve great security at CYBERA. Contact us at email@example.com for any questions.
Security by Design
Security starts at the beginning when designing our products and services. To this end our developers follow these best practices:
- Using and following standards like OWASP
- Code reviews for vulnerabilities
- Penetration testing conducted by third parties
- Check for security vulnerabilities in our dependencies
- Train our developers in the key threats
- Running a closed bug bounty program
Bug Bounty & responsible disclosure
Please report any vulnerabilities by contacting firstname.lastname@example.org which should include a proof of concept. CYBERA will respond quickly but requests non-disclosure until fixed.
All our data is encrypted whether in transit or at rest to protect it. Sensitive information such as IBAN information runs through a cryptographic process (“Cryptobox”) before being stored inside CYBERA’s database. Also, the traffic between the browsers and CYBERA is encrypted.
We utilize HTTPS protocol, with custom domains secured with TLS certificates. In addition, all connections with remote management tools and clients are encrypted. Application secrets, database credentials, API tokens, and private keys are stored in secure environment variables.
CYBERA is built on Microsoft Web Services to provide the best infrastructure foundations.
Our Tier IV data center is hosted in Switzerland. As a Microsoft-hosted data center has all the security certifications you would expect including:
- A virtual private cloud (VPC) with clearly delineated subnets for public and private traffic.
- Separate VPCs for production and non-production (testing, staging, etc.) data and infrastructure.
- Port-based restrictions for network traffic.
- An Intrusion Detection (IDS) solution that monitors and alerts on potential malicious traffic both internally and externally.
Click here for additional information on Microsoft Swiss data centers.
In addition, we utilize an Internal Load Balancer (ILB) behind a web application firewall, which provides enterprise-level protection to public-facing applications, DDOS protection, filtering, and SQL injection prevention.
We have a dedicated security team to manage developments and ensure we utilize current best practices within our infrastructure.
We use Multi-Factor Authentication (MFA) for internal access to our network and infrastructure. Validation of both user and device identity is undertaken for access to internal resources and uses federated User Identity to provide Zero-Trust Access.
At CYBERA we operate on the ‘least privilege’ principle, ensuring all staff has only the access they need to reduce security risks. All-access is time-boxed and all actions are tracked and auditable.
We use various tools to monitor the security of our platforms across networks and applications, alerting us where potential unauthorized access is detected.