TheoMax Platform Security Protocols
Application Level Security Measures
OAuth2 API Security
All private APIs are secured with OAuth2 to authorize requests and ensure proper authentication.
User Authentication
Users are required to authenticate with username and customizable password security settings with encryption algorithms and 2-step verification.
Role-Based Access Control
Data sharing and role-based access specify who can access what data within AI platform management software.
Rate Limiting
Rate limits are integrated with all APIs to prevent abuse and ensure fair usage.
reCAPTCHA Integration
reCAPTCHA is integrated to distinguish between human and automated access to websites.
Multi-Factor Authentication
Multi-factor authentication is implemented at the API level to validate users and Google two-factor authentication is also implemented.
Domain Restriction
Domain restriction is implemented at the API level to authenticate requests and prevent unauthorized access.
Database Level Security Measures
Smart Data Protection with Data Guard
Maintains standby database by transmitting and applying redo data from the primary database. If the primary database becomes unavailable, Data Guard can switch or fail over the standby database to the primary role.
Archive Log Mode
In ARCHIVELOG mode, the database makes copies of all online redo logs after they are filled. These copies are called archived redo logs.
Logical Backup (Expdp)
Daily logical backups using Expdp allow exporting data from the database to another destination. Importing data is done using impdp, ensuring data integrity.
Physical Backup RMAN (Incremental)
RMAN performs backups with minimal effect on the primary database and quickly recovers from the loss of individual data files or the entire database.
Flashback Database Mode
Flashback Database Mode helps rewind the database to a target time, SCN, log sequence number or restore point for disaster recovery.
Infrastructure Level Security Measures
AWS GuardDuty
Continuous monitoring and analysis capabilities that detect and respond to potential threats using machine learning and anomaly detection algorithms.
AWS CloudWatch
Robust monitoring and observability service providing insights into performance, health, and operational state of AWS resources and applications.
AWS CloudTrail
Comprehensive auditing and governance service that monitors and tracks all API activity across AWS accounts with detailed history of actions.
AWS VPC Flow Logs
Captures detailed information about network traffic flowing in and out of VPC for security, compliance, and troubleshooting analysis.
AWS Secrets Manager
Secure and scalable service for storing and managing sensitive credentials, eliminating the need to hardcode credentials in applications.
AWS Macie
Powerful security service that discovers, classifies, and protects sensitive data using machine learning algorithms to identify PII and financial data.
AWS WAF & Shield
Web Application Firewall that protects from common web exploits and DDoS attacks with customizable rules for traffic filtering.
AWS Security Hub
Comprehensive security service providing centralized view of security findings and insights across AWS accounts.
AWS IAM Policies & Roles
Robust framework for managing user access and permissions within the AWS environment with granular control.
Network Security
EC2 Security Groups, NACLs, Private Subnets, and OpenVPN configuration ensure comprehensive network security and access control.
Server Level Security Measures
UFW & Iptables Firewall
Combining UFW and iptables establishes robust firewall configuration protecting from unauthorized access and network attacks.
SSH Port Security
Disabling default SSH port protects against unauthorized access and reduces risk of automated attacks targeting the default port.
Tomcat Port Security
Disabling default Tomcat port reduces risk of automated attacks and enhances security of Tomcat deployments.
User Management
Disabling default "Ubuntu" user and creating unique random users for each server protects against brute-force attacks.
IP-Based SSH Authentication
Restricting SSH access based on allowed IP addresses enhances server security by reducing attack surface.
Auto Backup & Snapshots
AWS scheduled auto snapshots and critical data backup to S3 buckets provide additional protection against data loss.
Our Security Commitment
We maintain the highest standards of security across all layers of our infrastructure. Our multi-layered security approach ensures that your data and AI services are protected with industry-leading security measures and continuous monitoring.