We understand that our API is a critical part of your infrastructure. We maintain the highest security standards to ensure your data is always protected and available.
All data is encrypted at rest using AES-256 and in transit via TLS 1.3. We support Perfect Forward Secrecy to ensure historical data remains secure.
Hosted on AWS and Google Cloud with strict VPC isolation. No data is stored on employee devices, and all access requires hardware-based MFA.
Continuous monitoring for anomalous activity. We perform real-time audit logging and automated vulnerability scanning across our entire stack.
We believe in the power of the security community. If you've discovered a vulnerability in our platform, we want to hear from you. We maintain a Bug Bounty program to reward those who help us keep our users safe.
Fast triage within 48 hours for high-severity reports.
Safe harbor for researchers following our guidelines.
Our security team is available to help with vendor assessments and security questionnaires for Business and Enterprise customers.
Contact security@ofnimail.com