Security

Cloud Infrastructure

• Hosted on infrastructure providers (Render, Vercel) that maintain SOC 2 Type II compliance
• Geographically distributed data centers for redundancy and disaster recovery
• Automated failover and high availability architecture
• Regular security patches and updates applied promptly

Network Security

• Web Application Firewall (WAF) to protect against common attacks
• DDoS protection and mitigation systems
• Network segmentation and strict firewall rules
• Intrusion detection and prevention systems (IDS/IPS)

Encryption

• In Transit: All data transmitted using TLS 1.2+ encryption (HTTPS)
• At Rest: AES-256 encryption for all stored data
• Database: Encrypted database connections and storage
• Backups: Encrypted backups stored in separate locations

Data Handling

• Secure data retention and deletion policies
• Data classification and handling procedures
• Regular database backups with point-in-time recovery
• Secure data disposal procedures

User Authentication

• Secure password hashing using bcrypt
• Optional two-factor authentication (2FA)
• Secure session management with automatic timeouts
• Account lockout after failed login attempts
• Secure password reset flows

API Security

• API key authentication with secure key generation
• Rate limiting to prevent abuse
• API key rotation capabilities
• Granular API permissions

Internal Access Controls

• Principle of least privilege for all access
• Role-based access control (RBAC)
• Regular access reviews and audits
• Logging of all administrative actions

Continuous Monitoring

• 24/7 system monitoring and alerting
• Security event logging and analysis
• Anomaly detection for unusual activity
• Uptime monitoring with status page

Incident Response

• Documented incident response procedures
• Rapid response team for security events
• User notification for security incidents affecting their data
• Post-incident analysis and remediation

Application Security

Secure Development

• Secure coding practices and code reviews
• Automated security scanning in CI/CD pipeline
• Dependency vulnerability scanning
• Regular penetration testing

OWASP Top 10 Protection

We implement protections against common vulnerabilities:

• SQL Injection prevention through parameterized queries
• Cross-Site Scripting (XSS) protection
• Cross-Site Request Forgery (CSRF) tokens
• Secure authentication and session management
• Input validation and output encoding

We take security vulnerabilities seriously. If you discover a security issue, we encourage you to report it responsibly.

How to Report

• Email: support@gotsignals.com
• Include detailed information about the vulnerability
• Provide steps to reproduce the issue
• Allow reasonable time for us to address the issue before disclosure

Our Commitment

• Acknowledge receipt within 24 hours
• Provide regular updates on our progress
• Credit researchers who report valid vulnerabilities (if desired)
• Not pursue legal action against good-faith security research

Compliance & Certifications

Our infrastructure providers — including Render, Vercel, and Stripe — maintain SOC 2 Type II compliance. Signals itself does not hold a SOC 2 certification, but implements industry-standard security practices including encryption in transit and at rest, role-based access controls, and regular security audits.

• GDPR compliant data handling
• CCPA compliant privacy practices
• Regular third-party security assessments