We follow best practices to develop our product securely, including security reviews, code reviews, unit tests & integration tests.
We adhere to the highest industry standards for data security using TLS and encryption.

Product Security

Development Process
We follow industry best practices, so security is baked right into our product and regular development processes – including security design reviews, code reviews, unit & integration tests. All engineers are required to know OWASP vulnerabilities and use libraries, frameworks, and mitigations vetted and recommended by the security community, such as Strict CSP.
Vulnerability Scanning
We regularly update our servers, tools, and libraries, upgrading and patching vulnerabilities as they are discovered. Out-of-date libraries and services are scanned, detected, and flagged automatically.
Admin Controls
Team administrators can manage team-wide settings, including requiring single sign-on and two-factor authentication, managing integrations, and deactivating users.

Infrastructure Security

We adhere to the highest industry standards for data encryption, requiring the latest recommended protocols to encrypt all data in transit and at rest.

Our website runs entirely over SSL with an A+ from Qualys SSL Labs. We hash all passwords in our production database using bcrypt. Billing information is completely managed by our PCI-compliant payments provider (Stripe) and never stored.
Secrets Management
Secrets are stored securely and never in source code. Access to our infrastructure and related services requires SSH and two-factor authentication when possible.
Monitoring and Logging
We are committed to making Slab highly available. Our infrastructure runs on fault-tolerant systems and backups are made daily. We leverage redundant third-party providers to provide 24/7 monitoring and alerting of any downtime.

