Keygen = Security
Our team has built state-of-the-art security into our product suite, so that you can rest easy knowing your data is safe with us.
We use 256-bit encryption at all levels of our systems. We enforce TLS (HTTPS) to protect sensitive data transmitted to and from applications.
All data is encrypted at rest with industry-standard AES-256 block-level storage encryption. Keys are securely managed by Amazon EBS.
Password + Secret Hashing
We never store passwords or secrets as clear text. Passwords and API access tokens are securely hashed using industry-standard bcrypt, and all secrets are securely encrypted in transit and at rest.
We have strong 2FA policies for all Keygen employees, and we allow you to do the same by supporting 2FA for all Dashboard admin users.
We provide cryptographic signatures of all API requests, and we provide the ability to sign and encrypt license keys, all to help combat common licensing attack vectors such as man-in-the-middle attacks.
Our infrastructure provides DDoS mitigation techniques including TCP SYN cookies and connection rate limiting, in addition to maintaining multiple backbone connections and scalable internal bandwidth capacity.
Our infrastructure utilizes ISO 27001 and FISMA certified data centers managed by Heroku and Amazon.
Our data and infrastructure providers employ power systems designed to be fully redundant in the event of an electrical failure, in addition to automatic fire detection and suppression systems, and climate control.
ISO 27001, 27017, 27018
Our infrastructure and data providers, Heroku and AWS, have achieved ISO 27001, ISO 27017, and ISO 27018 certifications.
SOC 1, 2, 3
Our infrastructure and data providers, Heroku and AWS, have achieved SOC 1, SOC 2, and SOC 3 certifications.
Our payment processor, Stripe, used for encrypting and processing card and bank details, is PCI DSS Level 1 compliant.
Have other questions related to security? Ask away.