Security & Infrastructure

Trade OS infrastructure is built with security as a foundational requirement, not an afterthought. Our platform employs multiple layers of protection:

Encryption

• All data encrypted at rest using AES-256 encryption
• All data encrypted in transit using TLS 1.3
• Database-level encryption for all persistent storage
• Encrypted backups with separate key management

Infrastructure Hardening

• Kubernetes-based container orchestration with network policies and pod security standards
• Web Application Firewall (WAF) with rate limiting and DDoS protection
• Private networking between services — no internal services exposed to the public internet
• Immutable infrastructure deployed via CI/CD with automated security scanning
• Regular security patching and dependency updates

Network Security

• Network segmentation isolating trading, analytics, and user-facing services
• Intrusion detection and monitoring across all network boundaries
• Automated threat detection and anomaly alerting
• Geographic access controls and IP allowlisting for administrative access

Our API key security architecture includes:

• Encryption at rest: All exchange API keys are encrypted using AES-256-GCM with keys managed through a dedicated secret management service. Encryption keys are rotated regularly.
• Minimal exposure: Decrypted keys exist only in memory during API calls and are never written to logs, error reports, or monitoring systems.
• Key display masking: API keys are masked in the UI (showing only the last 4 characters) and cannot be retrieved in full after initial entry.
• Permission validation: We verify and recommend minimum-permission configurations when API keys are connected. We strongly recommend read + trade permissions only (no withdrawal).
• Immediate deletion: When you disconnect an exchange or delete your account, the associated API keys are permanently and immediately purged from our systems.

Communications between Trade OS and connected exchanges are secured through multiple layers:

• All exchange API communications occur over TLS 1.2+ encrypted channels
• Request signing (HMAC-SHA256) is used for all authenticated exchange API calls
• IP allowlisting is supported for exchanges that offer it — we provide our egress IP ranges for configuration
• WebSocket connections for real-time data use authenticated, encrypted channels with automatic reconnection
• Exchange API responses are validated and sanitized before processing to prevent injection attacks

User Access

• Passwords hashed using bcrypt with appropriate work factors
• Multi-factor authentication (MFA) available and strongly recommended
• Session management with automatic expiration and device tracking
• Brute-force protection with progressive rate limiting and account lockout
• OAuth 2.0 / OIDC integration for enterprise single sign-on (SSO)

Internal Access

• Principle of least privilege for all employee access
• Role-based access control (RBAC) for internal systems and production environments
• All production access logged and audited
• No Trade OS employee can access your exchange API keys in decrypted form
• Background checks for employees with access to production infrastructure

We maintain a proactive approach to identifying and addressing security vulnerabilities:

• Automated scanning: Continuous dependency vulnerability scanning (Snyk, npm audit, pip-audit) integrated into our CI/CD pipeline. Builds fail on critical vulnerabilities.
• Container security: Container images scanned for vulnerabilities before deployment. Base images are minimal and regularly updated.
• Static analysis: Automated static application security testing (SAST) on every code change, covering both TypeScript and Python codebases.
• Dependency management: Automated dependency update monitoring with security-focused triage. Critical patches applied within 24 hours.

Trade OS maintains a formal incident response plan to handle security events swiftly and transparently:

• Automated daily backups with point-in-time recovery capability
• Backups encrypted and stored in geographically separate locations
• Regular backup restoration testing to verify data integrity
• Disaster recovery plan with defined Recovery Time Objective (RTO) and Recovery Point Objective (RPO)