Security
How we protect your data and infrastructure.
Infrastructure Security
- Private network isolation with per-service segmentation
- Hardened Linux hosts with automated security updates
- Digest-pinned container images for immutable production deploys
- Cloudflare edge protection fronting all application traffic
Data Protection
- Encryption at rest on managed volumes (KMS available on AWS)
- TLS 1.3 for all data in transit
- Zero-retention policy for screen captures
- Customer data isolation per tenant
Access Control
- Mandatory MFA for all accounts
- Role-based access control (RBAC)
- Just-in-time privileged access
- Session logging and monitoring
Monitoring & Response
- Automated vulnerability scanning via Aikido
- Code and dependency security analysis
- Automated incident alerting
- Defined incident response procedures
Responsible Disclosure
We value the security research community. If you discover a security vulnerability, please report it responsibly.
01
Report: Email security@legacybridge.software with details of the vulnerability
02
Response: We will acknowledge receipt within 24 hours
03
Resolution: We will work with you to understand and remediate the issue
04
Recognition: With your permission, we will acknowledge your contribution
For compliance certifications and regulatory alignment, see our Compliance page.
View Compliance DetailsSecurity Questions?
Our team is happy to discuss our security practices in detail.
Contact Security Team