Sustain.life API Security
At Sustain.Life, we take security seriously. Customers trust us with their sustainability data, and we protect it using best-in-class tools, training, techniques, and platforms.
HTTPS / TLS 1.2 enforced for all endpoints, with automated certificate management
All data is encrypted at rest in Azure (Cosmos, SQL server, Azure Storage)
User security & key management
All customer accounts are managed by Azure Active Directory & Azure AADB2C
API key management tied to customer AADB2C accounts with Azure API Management
Least privileged access model to enforce consistent permissioning
Azure API Management used for privileges, throttling, and caching to ensure high availability to the end user
24x7 on-call handled by the Sustain.life engineering team to ensure stability
Penetration testing to proactively discover potential security risks
Continuous source code analysis for known vulnerabilities and copyright compliance
For additional details, please schedule a call with our security team.