Deref uses a variety of techniques to ensure the security of its communications with customers and the data they have entrusted us with. We use secure data centers, encrypt all transmissions to and from our web interface and APIs, never store passwords in plain text, encrypt sensitive data such as credentials or secret tokens at rest, utilize carefully scrutinized application architectural patterns, and apply a wide range of additional industry best practices.
Deref hosts our services and stores customer data in secured data centers provided by Amazon Web Services. These data centers provide high levels of both physical and technical security in all jurisdictions. Additionally, Deref utilizes Amazon's storage redundancy offerings, allowing for efficient disaster recovery procedures.
Each Deref customer's data is assigned to a logically isolated tenant database instance. All requests processed by the Deref platform authenticate the current user in the context of the desired tenancy prior to authorizing access to at most that one tenant database during the handling of each request. Users are authenticated with per-tenant signed web tokens stored in secure cookies.
Deref operates a software agent that gathers and stores information from your cloud environment. The data that is available to Deref is specified by permissions configured external to our platform, controlled by you through your existing cloud provider.
This collection process is subject to best in class auditing tools, also through your existing cloud provider. Deref collects cloud resource metadata and does not access into primary data sources, such as filesystems, databases, or running processes.
We care deeply about the security and availability of the data you have entrusted us with. If some vulnerability slipped past us, we'd love to hear about it. We'll endeavor to quickly mitigate the risk, identify the root cause, and improve both our software and processes.
To report an issue, please email email@example.com and our team will respond promptly.