We use encrypted connections (TLS) whenever it is possible
We enforce 2FA (two-factor authentication) for core systems
We use source code dependency scanning tools
We host all data provided by customers on MongoDB Inc. (AWS / N. Virginia (us-east-1).
Data backups are created daily
Daily data backups are available for ten subsequent days
Our services are hosted on DigitalOcean, Inc.
The following table describes when we resolve security bugs in our products:
within 25 weeks of being reported
within 6 weeks of being reported
within 4 weeks of being reported
within 2 weeks of being reported