Security Built In

Security at Apex

We build security into every layer of our platform to protect your applications and data.

HTTPS Only
All Traffic
TLS 1.3
Encryption
AES-256
Data at Rest
Audit Logs
All Actions

Security Features

Data Encryption

  • In Transit: All data encrypted with TLS 1.3. HTTPS enforced on all endpoints.
  • At Rest: AES-256 encryption available for stored data and backups.
  • Passwords: Hashed with bcrypt (cost factor 12).

Access Control

  • Authentication: OAuth (GitHub, Google) and email/password login.
  • 2FA: Two-factor authentication support for accounts.
  • Sessions: Secure session management with expiry and logout.

Audit & Logging

  • Audit Logs: All user and system actions are logged with timestamps.
  • Request IDs: Every request gets a unique ID for tracing.
  • IP Logging: Client IPs logged for security analysis.

Infrastructure Security

  • Isolation: Container-level isolation with Kubernetes.
  • Rate Limiting: API rate limiting to prevent abuse.
  • Security Headers: HSTS, CSP, X-Frame-Options enforced.

Security Headers

We implement industry-standard security headers on all responses.

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin

Data Handling

Data Location

Your data is stored on Vultr cloud infrastructure. You can choose your preferred region for data storage.

Data Retention

Application data is retained for the duration of your account. You can request data deletion at any time.

Data Portability

Export your data at any time using our API. We support standard formats for easy migration.

Infrastructure Providers

We use Vultr for cloud infrastructure and Cloudflare for DNS/CDN services.

Security Questions?

Have questions about our security practices? We're happy to help.

Contact Us System Status