Security

Infrastructure & Hosting

Our platform is hosted on Amazon Web Services (AWS), a leader in cloud security with a broad portfolio of certifications, including SOC 2, ISO 27001, and PCI DSS.

We leverage AWS managed services such as RDS and Lambda to benefit from their robust security controls and continuous monitoring.

Physical and network security at AWS data centers ensures your data is safeguarded at the highest level.

Data Handling & Encryption

All personally identifiable information (PII) is encrypted at rest using industry-standard AES-256 encryption and in transit using TLS 1.2+ protocols.

Backup data is fully encrypted and handled with the same level of security as live data.

When you request deletion of your data, it is fully and permanently erased from all active systems and backups in accordance with our data retention policies.

Access Controls & Authentication

We implement role-based access control (RBAC) internally, ensuring team members have access only to the resources necessary for their role.

Employee access is tightly controlled, regularly reviewed, and logged for audit purposes.

Application Security & Vulnerability Management

Our development process includes automated vulnerability scanning and code reviews to catch potential security issues early.

We perform regular security testing, including penetration tests and dependency vulnerability monitoring.

While we do not currently run a public bug bounty program, we welcome responsible vulnerability disclosures at security@getbob.dev and prioritize swift remediation.

Incident Response

We maintain a documented incident response plan designed to quickly detect, contain, and remediate security incidents.

In the unlikely event of a data breach, we commit to notifying affected users and regulatory authorities promptly, following applicable laws and best practices.

Compliance & Privacy

By hosting on AWS and following security best practices, we maintain readiness for compliance standards such as SOC 2 and GDPR.

We continuously monitor and update our policies and technical controls to meet evolving privacy laws and customer expectations.

Your Role in Security

  • Use strong, unique passwords for your Get Bob account.
  • Be vigilant against phishing attempts and never share your credentials.
  • Contact us immediately if you suspect any unauthorized access.

Contact Security

Questions, concerns, or vulnerability reports?
Please reach out to our security team at: security@email.getbob.dev