Security

Updated on 22 Nov 2023

Infrastructure and architecture

The level of security for the system depends on the infrastructure and architecture our customers create and implement.

For the SDK.finance SaaS version, our main responsibility is to connect to the customer’s database within a secure AWS environment. The security of the application’s integration with SDK.finance APIs depends on the security standards and requirements followed by the customers.

To ensure security on our side, we adhere to best practices and industry standards. Our implementation follows the OWASP (Open Web Application Security Project) Top 10 pattern, which addresses common security vulnerabilities.

Additionally, we use SonarQube, a code analysis tool that helps maintain secure code. By implementing these measures, we mitigate security risks and proactively address potential vulnerabilities.

For more details, please review our documentation.

Protection against external threats

When it comes to safeguarding against threats from outside, the level of security implemented depends on our customers’ individual security requirements.

As our SaaS application instances are hosted and managed on Amazon Web Services (AWS), our project benefits from the security measures offered by AWS. Nevertheless, if extra security measures are necessary in accordance with your specific needs, it is entirely up to the customers to decide.