Move forward with confidence. We offer multiple levels of protection to keep your intellectual property and sensitive data secure.
Source code protection
- Source code is continuously scanned for vulnerabilities using Sink Inspector.
- All data traffic is encrypted via TLS and HTTPS.
Source code encryption
- Source code is always encrypted in transit via TLS and HTTPS.
- Capgo maintains a data backup policy that follows industry best practices.
- Capgo’s architecture consists of multiple secure network layers.
- Any changes that make their way into production must first be reviewed and approved. Code refactoring must adhere to secure coding principles and industry best practices, such as those defined by OWASP.
- Capgo use 100% serverless infrastructure, historically achieving 99.9% uptime. See status here
Application penetration testing
- Capgo is regularly tested by third-party penetration testers to ensure the security of the application.
- Capgo don't have employees and will never, only one person, Martin Donadieu has access to production database. Freelancer or open-source contributors are not allowed to have access to production database.
- Capgo Founder take security awareness, best practice, and incident response training.
Security coding education
- Capgo by been 100% open-source, is leaded to improve security with the community.
- Capgo requires all critical third-party vendors to achieve SOC 2 certification at the minimum, and verifies certifications annually.
- Capgo stands at the ready with a dedicated Incident Response Person.
Incident response policy & plan
- An incident response policy is maintained and managed by a dedicated incident response Person at Capgo.
- In the event of system-wide issues, customers are notified by their email. Capgo's system status and network and security incidents are published at https://status.capgo.app.