Threats & mitigations

The common attacks, and how we build against them from the start.

Most damage online comes from a short list of well-understood attacks. We build against them from the first line of code rather than patching after something goes wrong.

What we guard against

• Input validated and sanitized to shut down injection and cross-site scripting.
• Authentication on every system that touches your data, with access scoped per account.
• Dependencies kept current, because an out-of-date package is the easiest way in.

Caught early

Monitoring is in place so an unusual pattern is caught early, not discovered after the fact.