Security Features
At Belvo, security is at the core of everything we do. From the very beginning, every component of our platform is built with robust security measures integrated, ensuring your data remains safe. Our security team is involved in every step, making sure that each feature or change undergoes rigorous security evaluation.
For developers integrating with our platform, here are the key security features you should know about:
Web Application Firewall (WAF)
Our platform leverages a Web Application Firewall (WAF) to vet every incoming request. Any attempt to bypass this safeguard and access our platform is automatically blocked.
- Application Awareness: The WAF understands the specific requirements of our application. It checks all incoming traffic against our API schemas. Requests that don't conform will receive a 403 Forbidden response.
- Rate Limiting: We enforce strict rate limits to control traffic flow and maintain platform stability. Requests that exceed these limits are throttled or blocked, resulting in a 429 Too Many Requests response. If you anticipate a need for higher request limits, contact your Belvo representative. We offer IP-based and mTLS-based bypass options for legitimate use cases.
- Firewall Rules: Our multilayered security strategy includes measures to block vulnerability scans and OWASP Top 10 weaknesses, ensuring a fortified defense against common threats. Requests falling in this category will receive a 403 Forbidden response.
- DoS and DDoS mitigation: We actively detect and prevent surges of malicious traffic from overwhelming our platform.
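The two WAF responses above call for different client behavior: a 403 means the request itself was rejected and should be fixed rather than resent, while a 429 means the client should slow down. The following is an added example, not Belvo's code, of an integration-side wrapper that does this. The `send` transport, the retry count and the delay values are hypothetical, and the use of a `Retry-After` header is an assumption (the page does not say whether one is sent).

```python
import random
import time

RETRYABLE = {429}  # rate limited: back off, then retry
FATAL = {403}      # schema or firewall rejection: resending unchanged will not help


class RequestRejected(Exception):
    """Raised on 403: the request must be corrected before it is sent again."""


class RateLimitExhausted(Exception):
    """Raised when 429 persists after every allowed retry."""


def backoff_delay(attempt, retry_after=None, base=0.5, cap=30.0, rng=random.random):
    """Seconds to wait before retry number `attempt` (0-based).

    Honors a numeric Retry-After value if one is present (assumption: the
    server may not send it); otherwise uses full-jitter exponential backoff.
    """
    if retry_after is not None:
        try:
            return min(cap, max(0.0, float(retry_after)))
        except ValueError:
            pass  # HTTP-date form or junk: fall back to exponential backoff
    return rng() * min(cap, base * (2 ** attempt))


def call_with_backoff(send, max_retries=4, sleep=time.sleep, rng=random.random):
    """Call `send()` (hypothetical transport returning (status, headers, body))."""
    for attempt in range(max_retries + 1):
        status, headers, body = send()
        if status in FATAL:
            raise RequestRejected(f"{status}: fix the request, do not retry")
        if status not in RETRYABLE:
            return status, body
        if attempt < max_retries:
            sleep(backoff_delay(attempt, headers.get("Retry-After"), rng=rng))
    raise RateLimitExhausted(f"still rate limited after {max_retries} retries")
```

Retrying a 403 in a loop only adds traffic that counts against the rate limit, which is why the wrapper raises immediately instead of backing off.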
Intrusion Prevention System (IPS) & Security Information and Event Management (SIEM)
To further enhance security and threat detection, our platform incorporates an Intrusion Prevention System (IPS) as well as Security Information and Event Management (SIEM):
- Statistical Anomaly Detection: This system monitors traffic in real-time to detect any unusual activity patterns by comparing current activity against established baselines. When a deviation is detected, it is flagged for inspection by the security team.
- Stateful Protocol Analysis: Building on anomaly detection, this feature monitors the network protocols being used. It compares the observed protocol behavior against typical usage patterns, allowing us to pinpoint irregularities effectively.
- Event Correlation: Our SIEM solution identifies common attributes across diverse data points, linking related events into meaningful bundles. This process transforms raw log data into actionable intelligence, providing valuable insights for our threat analysis.
These security measures help ensure that our platform is secure and resilient to a wide range of threats, providing a safe and stable environment for developers.
For more details or specific security concerns, please reach out to our team.