Security overview for PaaS model

Infrastructure and architecture

The level of security for the system depends on the infrastructure and architecture our customers create and implement. 

For the SDK.finance PaaS model, our main responsibility is to connect to the customer’s database within a secure AWS environment. The security of the application’s integration with SDK.finance APIs depends on the security standards and requirements followed by the customers. 

To ensure security on our side, we adhere to best practices and industry standards. Our implementation follows the OWASP (Open Web Application Security Project) Top 10 pattern, which addresses common security vulnerabilities. 

Additionally, we use SonarQube, a code analysis tool that helps maintain secure code. By implementing these measures, we mitigate security risks and proactively address potential vulnerabilities. 

For more details, please review our tech page.

Protection against external threats

When it comes to safeguarding against threats from outside, the level of security implemented depends on our customers’ individual security requirements. 

As our PaaS application instances are hosted and managed on Amazon Web Services (AWS), our project benefits from the security measures offered by AWS. Nevertheless, if extra security measures are necessary in accordance with the customer’s specific needs, it is entirely up to them to decide.