We are dedicated to the security of your data and information.
Last updated: February 7, 2022
We follow industry best practices, so security is baked right into our product and regular development processes including code reviews, unit & integration tests.
All engineers are required to know OWASP vulnerabilities and use libraries, frameworks, and mitigations vetted and recommended by the security community.
We regularly update our servers, tools, libraries, and patching vulnerabilities as they are discovered. Our application, host, and network are automatically scanned. We also automatically detect out-of-date dependencies.
Data in transit runs entirely over SSL. All passwords are hashed using bcrypt and billing information is entirely managed by our PCI-compliant payments providers (Stripe and PayPal).
Secrets are stored securely and never in source code. Access to our infrastructure and related services requires SSH and two-factor authentication when possible.
We are committed to making Preceden highly available. Our infrastructure runs on fault-tolerant systems and backups are made daily. We leverage redundant third-party providers to provide 24/7 monitoring and alerting of any downtime.
Preceden is hosted on Heroku, a cloud application platform used by organizations of all sizes to deploy and operate applications throughout the world. Preceden is deployed to the United States (US) region. For information about data residency, see Heroku's documentation on data residency for Postgres applications.
Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
We welcome responsible security research and disclosure on our product and infrastructure. Potential vulnerabilities can be reported by emailing [email protected]. Valid findings will be considered for compensation.