Great experiences need trust

In-transit encryption

Sessions between you and the Speed platform are protected with in-transit encryption using TLS 1.2 or above.

In-rest encryption

Our data is encrypted with AES 256 algorithm.

Web application and network firewalls

Speed monitors potential attacks with the help of a number of tools, such as a web application firewall and network-level firewalling. We use artificial intelligence for anomaly detection and restrictions. Additionally, Distributed Denial of Service (DDoS) preventive protections are built into Speed to further safeguard it.

Software development lifecycle (SDLC) security

We use an agile methodology as part of the SDLC process, security is integrated and examined at every level of development.

Hosting security

Speed products are hosted on AWS which is SOC2 Type II and ISO 27001 certified.

Network isolation

Speed products are hosted on PVC, the majority of our stakes are on a private subnet that is inaccessible via the internet. Using VPN and encrypted network protocols, communication between Speed services are kept secure. Data is encrypted at rest to help protect against unauthorized access

For patching servers, we have a stringent SLA. A compliance report is running constantly if any issue is identified, Speed’s patch management process identifies and addresses missing patches within the product infrastructure. We have managed services where AWS maintains all of these components.

Speed tests for potential vulnerabilities on a recurring basis. Ongoing scans

• Outsourced & long-term contract
• SLA for critical and high
• Code vulnerability – static, dynamic SCA (software composition analysis) scan

Peer code reviews are performed on each pull request to check for new features and address bugs. For security reviews, regular code audits are carried out. We regularly do penetration tests as well as thorough unit testing.