At ComplexChaos, we understand that the security of your data is paramount. We can cater to your own security needs. We are GDPR compliant and soon SOC2 as well.
Data protection is a top priority.
All data in transit is encrypted with SSL, rated A+ by Qualys SSL Labs.
Advanced encryption for data in transit (TLS 1.2) and at rest (AES-256).
Passwords are securely hashed with bcrypt.
Our systems are proactively monitored to identify and address potential vulnerabilities.
Servers, tools, and libraries are regularly updated.
Our applications, hosts, and network undergo automatic scanning for vulnerabilities.
Outdated dependencies are detected and resolved promptly.
We ensure sensitive information remains secure.
Secrets are never stored in source code and are managed securely.
Access to infrastructure requires SSH and, where possible, two-factor authentication.
Our systems are designed for high availability and reliability.
Infrastructure operates on fault-tolerant systems.
Backups are performed daily.
Third-party services provide 24/7 monitoring and alerts for downtime, ensuring quick responses.
We engage respected independent firms to conduct annual penetration tests on our application and infrastructure. All findings are tracked, prioritized, and resolved promptly.
Complex Chaos operates on Google Cloud Platform, benefiting from their robust security certifications, including SOC 2 and ISO 27001.
