At Wudpecker, safeguarding of our customer's data is our foremost concern. From the beginning, we've prioritized security and privacy in all our decision-making processes.
Our entire infrastructure is supported through AWS managed services. This ensures that all our applications and platforms comply with the highest available industry standards regarding security, reliability, privacy, and encryption as provided by AWS. AWS adheres to numerous Security Frameworks and Standards. By opting exclusively for managed services, we delegate the demanding task of managing and securing the underlying infrastructure to AWS.
We exclusively utilize AWS Managed services, which are physically and logically segregated within a private VPC network. The control of network traffic and access is rigorously managed, adhering to a "Zero Trust" approach. For instance, our use of AWS's IAM ensures that merely having access to the private network isn't sufficient to access a specific system. Identification of the user and granting access based on the user's role and permissions is also a prerequisite.
Before offering employment, we conduct security background checks on all potential hires. Security and privacy are emphasized in our onboarding process as well. We mandate every employee to undergo security training. To ensure the encryption of workstation hard drives, the use of a password manager, and the installation of an antivirus solution, we implement a company-managed security solution agent.
All our databases employ encryption-at-rest, specifically using the 256-bit Advanced Encryption Standard (AES-256), with symmetric keys managed by AWS. These data keys are encrypted using another key stored in a secure keystore, which is regularly updated. For encryption-in-transit, we mandate the use of HTTPS for all our services and utilize SSL SHA-256 ECDSA Certificates that operate on the most recent TLS 1.3.