We prioritize your
privacy and security

At Wudpecker, safeguarding of our customer's data is our foremost concern. From the beginning, we've prioritized security and privacy in all our decision-making processes.

Our entire infrastructure is supported through AWS managed services. This ensures that all our applications and platforms comply with the highest available industry standards regarding security, reliability, privacy, and encryption as provided by AWS. AWS adheres to numerous Security Frameworks and Standards. By opting exclusively for managed services, we delegate the demanding task of managing and securing the underlying infrastructure to AWS.

Infrastructure


We exclusively utilize AWS Managed services, which are physically and logically segregated within a private VPC network. The control of network traffic and access is rigorously managed, adhering to a "Zero Trust" approach. For instance, our use of AWS's IAM ensures that merely having access to the private network isn't sufficient to access a specific system. Identification of the user and granting access based on the user's role and permissions is also a prerequisite.
Dashboard mockup
Dashboard mockup

Company


Before offering employment, we conduct security background checks on all potential hires. Security and privacy are emphasized in our onboarding process as well. We mandate every employee to undergo security training. To ensure the encryption of workstation hard drives, the use of a password manager, and the installation of an antivirus solution, we implement a company-managed security solution agent.

Encryption


All our databases employ encryption-at-rest, specifically using the 256-bit Advanced Encryption Standard (AES-256), with symmetric keys managed by AWS. These data keys are encrypted using another key stored in a secure keystore, which is regularly updated. For encryption-in-transit, we mandate the use of HTTPS for all our services and utilize SSL SHA-256 ECDSA Certificates that operate on the most recent TLS 1.3.
Dashboard mockup
Dashboard mockup

Disaster Recovery

Our databases reside exclusively on AWS private networks and solely employ AWS Managed services, which include AWS RDS and ElastiCache. Database access is only granted to applications or selected engineers via AWS IAM. All databases are configured to perform weekly backups, along with ongoing point-in-time backups, enabling us to retrieve data from any moment in the past. We adhere to AWS best practices to run our platform with an emphasis on High Availability and Fault Tolerance, and we're always striving to improve in this area. We take immense pride in our tech stack and work constantly to enhance it.