last updated: May 1st 2023
We consider security risks and tradeoffs from the beginning of the requirements definition and design process, through to implementation, deployment, and operations. We review for security concerns during our code review and pull request process, and we use a combination of automated scanners like brakeman, dependabot, and bundler-audit on every commit in the repository to catch vulnerabilities as early as possible in the release process.
The Tramline service is hosted at Render, an advanced SOC 2-compliant cloud application platform provider, which in turn is underpinned and complemented by Amazon Web Services, the world’s largest cloud computing provider. Tramline is designed to take full advantage of the scaling capabilities of the Render platform.
Our databases are encrypted with AES256 encryption at rest and managed by Render.
Our Storage Buckets are encrypted with AES256 encryption at rest using Galois/Counter Mode by Google Cloud Storage using Google Managed Keys in line with the industry's best practices. We automatically and permanently purge all objects stored in our GCS storage buckets after 10 months.
All private keys and the integration-specific information collected from users are further encrypted on the application level using AES-GCM, with the initialization vector generated as an HMAC-SHA-256 digest of the key and the contents.
We use TLS 1.2+ to secure all HTTP requests. Since this is encrypted, all the information is secure during transport, and no one can eavesdrop or forge messages.
All accesses to the database are audit-logged using console1984. We also maintain audit logs for our infrastructure and for key actions within the Tramline product. Customers can ask for product audit logs for their organization by emailing email@example.com. Our application logs are structured and are retained for at least 30 days.
We use bcrypt for password hashing for logins which are securely stored on our database encrypted at rest over requests encrypted during transit. Our bcrypt hashes are salted and stretched which prevents brute-forcing and rainbow table attacks.
All user forms are prevented against XSS & CSRF and we only make use of Secure cookies.
Tramline is monitored 24/7 by a third-party service to measure performance and uptime, and to provide immediate notification in the event of an outage. We also use industry-standard services like Datadog and Sentry for application monitoring to measure performance on a request-by-request basis and to identify any new or recurring issues. No Personally Identifiable Information (PII) is sent to the external monitoring systems from Tramline.
Customers can ask Tramline to delete their data by reaching out to firstname.lastname@example.org. We purge all the data including users and app builds, if any, on request from the customer.
Please refer to the security policy in the Tramline GitHub repository.