Security, privacy and compliance
This page outlines our cloud infrastructure setup and code residency practices, including where our systems run and how we manage and deploy our code. Our approach ensures a robust, isolated environment for development and production, with clear geographic boundaries for data and code.
Infrastructure Setup
Cloud Platform & Data Centers: We run our services on AWS. Our production environment is hosted in AWS’s US East (Ohio) region. For development and testing, we maintain a separate environment in AWS’s EU Central (Frankfurt) region. This multi-region setup provides geographic diversity and can accommodate data residency requirements. All servers and data for the live (production) service reside in the United States, while the EU environment is used for non-production purposes.
Environment Isolation: We strictly separate development and production resources. Development, staging, and production environments are fully isolated from each other. Each environment runs in its own AWS account and Kubernetes cluster, ensuring that test and staging data never mingle with live customer data. This isolation means that any testing or QA activities occur in a sandboxed environment, providing an extra layer of security before code reaches production.
Containerized Kubernetes Deployment: Our application is containerized and orchestrated via AWS EKS. We use infrastructure-as-code (Terraform) to provision and manage the Kubernetes clusters and related resources. The Kubernetes clusters are configured in the respective AWS regions (EU for dev, US for prod) and are accessible only within our cloud network. We also utilize secure network proxies during deployments to ensure the clusters remain inaccessible from the public internet. This setup hardens our infrastructure against unauthorized access while allowing our team to deploy and manage services securely.
Infrastructure Automation: All infrastructure changes are managed through code and automated pipelines. Using Terraform, we codify our cloud resources and their configuration. This ensures consistency across environments and allows us to version-control infrastructure changes just like application code. Changes to infrastructure undergo code review and testing in the dev environment before being applied to production, reducing the risk of misconfiguration. Our use of IaC means that our cloud setup is transparent, repeatable, and auditable as part of our security posture.
Code Residency and Deployment
Source Code Repository: Our source code is hosted in a private Git repository on GitHub. All development occurs within this repository, which is protected by GitHub’s security features (access control, 2FA enforcement, and audit logging). We do not outsource or mirror our code to any unauthorized third-party locations - the authoritative codebase resides solely in GitHub’s secure hosting environment. This ensures that the code’s residency is confined to a single, well-protected platform.
CI/CD: We employ GitHub Actions for continuous integration. On every push or pull request to the main branch, our CI workflow triggers automatically. The code is checked out and built on ephemeral runner instances. These build runners are transient – they exist only for the duration of the build and are destroyed afterwards, ensuring no source code or build artifact persists on the runner. During the build, we compile the frontend application and package it into a Docker container image. We also run automated tests and checks as part of the pipeline to catch issues early.
Artifacts: After a successful build, the application’s Docker image is pushed to our private Container Registry. We maintain separate repositories for different environments. The container images are tagged with unique version identifiers for traceability. Our registry is configured with immutability and automatic scan on push, meaning images cannot be overwritten once tagged and are scanned for vulnerabilities on upload. These images remain in our AWS accounts (EU region for dev images, US region for prod images), so build artifacts do not leave our cloud infrastructure.
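The following is an added example, not code from this page or from the company's own tooling: a Python check that audits registry settings against the properties described above (immutable tags, scan on push, and the per-environment region and account split). It assumes the registry is Amazon ECR and that repository names carry a hypothetical dev/ or prod/ prefix; the sample input is constructed.

```python
import json

# Constructed sample shaped like `aws ecr describe-repositories` output.
# Account IDs, repository names and the dev/ and prod/ prefixes are made up.
SAMPLE = json.loads("""
{"repositories": [
  {"repositoryArn": "arn:aws:ecr:eu-central-1:111111111111:repository/dev/frontend",
   "registryId": "111111111111", "repositoryName": "dev/frontend",
   "imageTagMutability": "IMMUTABLE",
   "imageScanningConfiguration": {"scanOnPush": true}},
  {"repositoryArn": "arn:aws:ecr:us-east-2:222222222222:repository/prod/frontend",
   "registryId": "222222222222", "repositoryName": "prod/frontend",
   "imageTagMutability": "MUTABLE",
   "imageScanningConfiguration": {"scanOnPush": true}},
  {"repositoryArn": "arn:aws:ecr:eu-central-1:111111111111:repository/prod/api",
   "registryId": "111111111111", "repositoryName": "prod/api",
   "imageTagMutability": "IMMUTABLE",
   "imageScanningConfiguration": {"scanOnPush": false}}
]}
""")

# Regions stated on the page: dev in EU Central (Frankfurt), prod in US East (Ohio).
EXPECTED_REGION = {"dev": "eu-central-1", "prod": "us-east-2"}

def audit(repositories):
    """Return (subject, problem) pairs for every deviation from the stated policy."""
    findings = []
    accounts = {}  # environment -> set of AWS account IDs hosting its repositories
    for repo in repositories:
        name = repo["repositoryName"]
        env = name.split("/", 1)[0]
        if env not in EXPECTED_REGION:
            findings.append((name, "unknown environment prefix"))
            continue
        region = repo["repositoryArn"].split(":")[3]  # arn:aws:ecr:<region>:...
        accounts.setdefault(env, set()).add(repo["registryId"])
        if region != EXPECTED_REGION[env]:
            findings.append((name, f"in {region}, expected {EXPECTED_REGION[env]}"))
        if repo.get("imageTagMutability") != "IMMUTABLE":
            findings.append((name, "tags are mutable"))
        if not repo.get("imageScanningConfiguration", {}).get("scanOnPush", False):
            findings.append((name, "scan on push disabled"))
    # Each environment is meant to live in its own AWS account.
    for account in sorted(accounts.get("dev", set()) & accounts.get("prod", set())):
        findings.append((account, "account holds both dev and prod repositories"))
    return findings

if __name__ == "__main__":
    for subject, problem in audit(SAMPLE["repositories"]):
        print(f"{subject}: {problem}")
```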
Disclosure
If you notice a security issue or have a question or concern, you can reach out to our CTO, Nimrod, at [email protected]. We'll respond as soon as possible. Currently, we do not have a bug bounty program.