v0.1.0-beta

Security at DriftGuard

We review other teams' infrastructure. Holding that trust requires us to maintain a high security bar ourselves.

Security controls

Encryption at rest: AES-256 (GCP Cloud Storage + Cloud SQL)
Encryption in transit: TLS 1.3 minimum
Authentication: GitHub OAuth 2.0 + JWT (RS256)
Secrets: GCP Secret Manager — never in env or source
Data residency: EU-WEST-1 + EU-CENTRAL-1 (Frankfurt, Eemshaven)
Audit log: Append-only, cryptographically signed events
Webhook verification: HMAC-SHA256 (GitHub X-Hub-Signature-256)
AWS credentials: STS AssumeRole only — no long-lived keys stored
Dependency scanning: Dependabot + Snyk on every PR
Static analysis: Checkov (IaC) + Bandit (Python) + ESLint
Penetration testing: Annual third-party pentest (2026 Q3 scheduled)
SOC 2 Type II: In progress — target Q4 2026
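
As an added illustration (not DriftGuard's own code), this is the shape of the webhook verification listed above for GitHub's X-Hub-Signature-256 header: HMAC-SHA256 over the raw request body, compared in constant time, with malformed or missing headers rejected. The secret and payload below are constructed sample values.

```python
import hashlib
import hmac
from typing import Optional

# Constructed sample values for this example only; not a real secret or payload.
WEBHOOK_SECRET = b"example-shared-secret"
SAMPLE_BODY = b'{"action":"opened","repository":{"full_name":"example/repo"}}'

SIG_PREFIX = "sha256="


def sign_github_payload(secret: bytes, body: bytes) -> str:
    """Return the X-Hub-Signature-256 value GitHub would send for this body."""
    return SIG_PREFIX + hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_github_signature(secret: bytes, body: bytes, header: Optional[str]) -> bool:
    """Verify a GitHub webhook delivery against its X-Hub-Signature-256 header.

    The MAC is computed over the raw request bytes, before any JSON parsing,
    and compared with hmac.compare_digest so the check does not leak timing.
    """
    if not header or not header.startswith(SIG_PREFIX):
        return False  # header absent or not the SHA-256 variant
    received = header[len(SIG_PREFIX):]
    if len(received) != 64:
        return False  # a hex-encoded SHA-256 digest is exactly 64 characters
    expected = hmac.new(secret, body, hashlib.sha256).hexdigest()
    # Compare as bytes so a non-ASCII header cannot raise instead of failing.
    return hmac.compare_digest(expected.encode(), received.encode())


if __name__ == "__main__":
    good = sign_github_payload(WEBHOOK_SECRET, SAMPLE_BODY)
    print("valid delivery:", verify_github_signature(WEBHOOK_SECRET, SAMPLE_BODY, good))
    tampered = SAMPLE_BODY.replace(b"opened", b"closed")
    print("tampered body:", verify_github_signature(WEBHOOK_SECRET, tampered, good))
    print("missing header:", verify_github_signature(WEBHOOK_SECRET, SAMPLE_BODY, None))
```
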
Responsible disclosure

If you discover a security vulnerability in DriftGuard, please report it to security@driftguard.io. We aim to respond within 24 hours and resolve critical issues within 72 hours.

Please do not open public GitHub issues for security vulnerabilities. We will acknowledge your report, keep you updated on our progress, and credit you in our security advisory if desired.