Security Measures
Our API is built with a range of features and procedures designed to ensure its safety, to protect your organisation, and to reassure you of our ongoing commitment to security. Please find below some key points that demonstrate the lengths we go to in order to keep our software safe.
- Regularly Updated and Audited: Our API is regularly updated and audited by third-party cybersecurity experts, ensuring that it is always free from potential vulnerabilities.
- Secure Encryption: All data transmitted is securely encrypted using industry-standard encryption protocols, like SSL/TLS, ensuring data integrity and confidentiality.
- No Sensitive Data Storage: Our API does not store or collect sensitive information from your customers. This ensures that in the unlikely event of a breach, no customer data would be at risk.
- Cross-site Scripting (XSS) Protection: We employ strict coding standards and security measures to protect against cross-site scripting (XSS) attacks. This is crucial because XSS attacks can inject malicious scripts into applications viewed by users.
- Content Security Policy (CSP): Our script supports the use of Content Security Policy (CSP), a security feature that helps prevent attacks, including Cross-Site Scripting (XSS) and data injection attacks.
- Strict Compliance with Privacy Laws: Our software strictly adheres to data protection and privacy laws such as GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act).
- Isolated Execution: The API runs in an isolated environment, ensuring that it cannot interact or interfere with other parts of your applications beyond its intended functionality.
- Minimal Performance Impact: Our API is designed to be lightweight and efficient, so it does not slow down your site or negatively impact your users' experience.
- Rate Limiting and DDoS Protection: We employ rate limiting to prevent brute force attacks and have DDoS protection in place to ensure that your applications remain accessible to your customers at all times.
- Detailed Documentation: We provide comprehensive and clear documentation on how to securely integrate our API into your applications, along with support from our technical team, if needed.