Security at Grantiva
Your security is our top priority. Learn about our comprehensive security measures.
Data Encryption
- AES-256 encryption for all data at rest
- TLS 1.3 for all data in transit
- Hardware security modules for key management
Infrastructure Security
- AWS infrastructure with multi-region failover
- DDoS protection via AWS Shield
- Network isolation with VPC and security groups
Compliance & Certifications
Current
- GDPR Compliant
- CCPA Compliant
Planned (Year 2)
- SOC 2 Type II
- ISO 27001
Incident Response
- Critical: 1 hour response time
- High: 4 hour response time
- Medium: 24 hour response time
Security Audits
- Quarterly security audits
- Annual penetration testing
- Continuous vulnerability scanning
Access Control
- Role-based access control
- Two-factor authentication
- Audit logging
Security Best Practices for Developers
Implementation
- • Always validate attestations server-side
- • Use the latest SDK version
- • Implement proper error handling
- • Monitor for suspicious patterns
Operations
- • Rotate API keys regularly (Enterprise)
- • Set up webhook alerts
- • Review analytics regularly
- • Keep contact info updated
Vulnerability Disclosure
We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.
Bug bounty program coming in Year 2