Secure Infrastructure Provider – We host our data in secure Amazon Web Services (AWS) data centers protected by 24/7 on-site security and camera surveillance.
Data Encryption in Transit and at Rest Process – All data sent to or from Moralis is encrypted using TLS, and all customer data is encrypted using AES-256.
Data Redundancy and Resiliency – Moralis infrastructure is fault tolerant by design. All databases operate in a cluster configuration, and the application tier scales using load balancing technology that dynamically meets demand.
Strict Access Controls – Moralis has a clearly defined access management policy and follows strict control standards. Access to all Moralis systems is managed securely, enforces 2FA, and logs all activity.
Security Audit and Monitoring – Moralis centrally manages audit logs, which provide a transparent overview and historical record of almost all actions taken by team members.
Security is our top priority when developing any application.
Penetration Testing and Bug Bounties – We partner with reputable security firms to run external pen tests. Additionally, our bug bounty program allows anyone to test our system and report bugs.
Application Monitoring and Protection – All app access is logged and audited. We also use a wide variety of solutions to quickly identify and eliminate threats, including a WAF (Web Application Firewall) and CDN (Cloud Distribution Network).
Development and Change Management Process – Code development is done through a documented SDLC process, and every change is tracked via version control.
Automated controls ensure changes are peer-reviewed and pass a series of tests before being deployed to production.
Third-Party Vendor Security Review Process – We ensure all of our third-party apps and providers meet our security and data protection standards before using them.
Work with our engineers to assess your unique security needs.
Contact us at [email protected]