Security Practices
Security is not an afterthought at Verdyct. It is integral to our architecture.
Infrastructure Security
Our application is hosted on world-class cloud providers that maintain ISO 27001, SOC 2 Type II, and PCI-DSS certifications. We utilize a multi-layered security approach, including:
- Virtual Private Cloud (VPC) isolation
- Web Application Firewalls (WAF)
- DDoS protection
- Regular automated vulnerability scanning
Data Encryption
We use strong encryption to protect your data both in transit and at rest.
- In Transit: All data transmitted between your browser and our servers is encrypted using valid TLS 1.2 or higher.
- At Rest: Sensitive data stored in our databases is encrypted using AES-256 standards.
Access Control
Access to production systems is strictly limited to authorized personnel on a need-to-know basis. We enforce Multi-Factor Authentication (MFA) for all internal access.
Reporting Vulnerabilities
We welcome reports from the security research community. If you discover a vulnerability, please disclose it to us responsibly by emailing security@verdyct.io.