Single Origin's Security and Privacy teams establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors.
All datastores with customer data, in addition to S3 buckets, are encrypted at rest.
Single Origin uses TLS 1.2 or higher everywhere data is transmitted over potentially insecure networks.
Encryption keys are managed via AWS Key Management System (KMS).
Single Origin requires vulnerability scanning at key stages of our Secure Development Lifecycle (SDLC):
- Static analysis (SAST) testing of code during pull requests and on an ongoing basis
- Malicious dependency scanning to prevent the introduction of malware into our software supply chain
- Network vulnerability scanning on a period basis
Single Origin received SOC 2 Type 1 Certification on July 18, 2023.
Updated about 2 months ago