Security

Security built by people who live and breathe it.

Our co-founder spent years securing AWS infrastructure for enterprises. ThreatKrew is built with the same rigor we'd demand from any system handling sensitive architecture data.

Defense in Depth

We don't rely on a single security layer. ThreatKrew implements eight distinct defense mechanisms working together.

  1. Edge Protection

     AWS WAF blocks malicious requests with real-time threat intelligence, including common web attack patterns and known threat actors

  2. Authentication

     OAuth 2.0 with PKCE, optional two-factor authentication, strong password policies, and seamless user experience

  3. Authorization

     Zero-trust architecture: frontend never accesses backend directly. Every request validated with cryptographic signatures and scoped IAM permissions

  4. Input Validation

     All architecture documents, fields, and AI-generated outputs validated against strict schemas with automatic repair on schema violations

  5. LLM Guardrails

     AI-generated content protected with Amazon Bedrock Guardrails to detect and block prompt injection attacks

  6. Multi-Layer Rate Limiting

     Five independent throttling layers — edge, IP-based, per-user, global circuit breaker, and assessment-based limits — prevent abuse and ensure fair resource allocation

  7. Data Encryption

     Military-grade AES-256 encryption at rest on disk, TLS 1.2+ for all data in transit, with cryptographic tenant isolation

  8. Tenant Isolation

     Data cryptographically separated at the KMS level; no cross-tenant access possible even if authorization rules fail

What We Don't Do

  • We don't log your credentials, tokens, or API keys — ever. Your secrets stay secret.
  • We don't expose security details unnecessarily. Our infrastructure and internal architecture are not visible to users.
  • We don't use overly permissive access controls. Every service has narrowly scoped permissions — only what it needs, nothing more.
  • We don't compromise on security headers. Every response includes protections against XSS, clickjacking, and content-type sniffing.
  • We don't store sensitive URLs. Report download links are generated on-demand and automatically expire.

Recent Security Hardening

Our security posture continuously evolves. Recent enhancements include:

  • CSRF Hardening: Cross-site request forgery protection with Origin/Referer validation on state-changing requests
  • Admin Panel with MFA: Platform administrators require multi-factor authentication for all admin operations; org and user suspension controls with comprehensive audit logging
  • API Key Authentication: Secure programmatic access with API keys for CLI, CI/CD, and integrations; keys are hashed and never logged
  • Cryptographic Tenant Isolation: Encryption context binding at the KMS level ensures multi-tenant data separation is cryptographically enforced, not just application-level
  • Comprehensive Audit Logging: All admin actions and privileged operations logged with timestamps and user context for security auditing and compliance
  • JWT Signature Verification: All JWTs cryptographically verified against Cognito JWKS public keys — signature, issuer, audience, and expiry validated on every request

Your Data

Your architecture documents and threat models are yours. Encrypted at rest, isolated by tenant, deletable anytime. CloudWatch logs retained 30–90 days for operations, then deleted.

Continuous Improvement

We're building toward SOC 2 and ISO 27001 certification. Our controls are already designed with these frameworks in mind — formal certification will be validation, not a scramble.

Questions about our security architecture?

security@threatkrew.io