-
Use Cases
-
Resources
-
Pricing
We are dedicated to the security of your data and information.
Last updated: February 7, 2022
We follow industry best practices, so security is baked right into our product and regular development processes including code reviews, unit & integration tests.
All engineers are required to know OWASP vulnerabilities and use libraries, frameworks, and mitigations vetted and recommended by the security community.
We regularly update our servers, tools, libraries, and patching vulnerabilities as they are discovered. Our application, host, and network are automatically scanned. We also automatically detect out-of-date dependencies.
Data in transit runs entirely over SSL. All passwords are hashed using bcrypt and billing information is entirely managed by our PCI-compliant payments providers (Stripe and PayPal).
Secrets are stored securely and never in source code. Access to our infrastructure and related services requires SSH and two-factor authentication when possible.
We are committed to making Preceden highly available. Our infrastructure runs on fault-tolerant systems and backups are made daily. We leverage redundant third-party providers to provide 24/7 monitoring and alerting of any downtime.
Preceden is hosted on DigitalOcean, a cloud infrastructure provider serving customers worldwide. Preceden is deployed to DigitalOcean's New York region (NYC1). For information about data residency, see DigitalOcean's data center locations.
DigitalOcean operates SOC 2 Type II audited data centers and complies with major industry standards including:
We welcome responsible security research and disclosure on our product and infrastructure. Potential vulnerabilities can be reported by emailing [email protected]. Valid findings will be considered for compensation.