Security
How we protect your data and secure the platform.
Encryption
All data encrypted at rest and in transit. TLS 1.3 for all connections. Passwords hashed with bcrypt. API keys stored with AES-256 encryption.
Authentication
Secure session management with CSRF protection. Credential-based authentication with rate limiting on login attempts.
Infrastructure
Hosted on secured cloud infrastructure with automated backups. Database connections encrypted. Network-level isolation between services.
Data Access
Principle of least privilege across all systems. No employee access to user trading credentials. Audit logging on sensitive operations.
Responsible Disclosure
If you discover a security vulnerability, please report it responsibly. Do not publicly disclose the issue until we have had an opportunity to address it.
Report vulnerabilities to security@nexushq.xyz. Include a detailed description of the vulnerability and steps to reproduce. We aim to acknowledge reports within 24 hours and provide resolution timelines within 72 hours.