UNCOMPROMISED SECURITY
We treat your data with the same level of security as a financial institution. Defense-in-depth is baked into our DNA.
SOC 2 Type II
Audited security controls
ISO 27001
Info security management
GDPR Ready
EU data protection
CCPA Ready
California privacy rights
End-to-End Encryption
public.security.features.encryption.description
Data in Transit
All communications use TLS 1.3 with perfect forward secrecy. We enforce HSTS and use certificate pinning to prevent MITM attacks.
Data at Rest
Your data is encrypted using AES-256-GCM. Encryption keys are managed through AWS KMS with automatic rotation every 365 days.
Infrastructure Security
public.security.features.infrastructure.description
Cloud Resilience
We deploy on AWS and GCP, leveraging their certified infrastructure. Data is replicated across 3+ availability zones for disaster recovery.
Network Defense
Protected by WAF, volumetric DDoS protection, and VPC service controls. All internal traffic is mutually authenticated (mTLS).
Identity & Access
public.security.features.access.description
Multi-Factor Authentication
MFA is mandated for all employees and available for all customer accounts. We support hardware keys (YubiKey) for critical operations.
Least Privilege Access
Employee access is granted on a strict need-to-know basis, time-bound, and logged immutably for audit trails.
White Hat Researchers
We partner with the security community to identify and resolve vulnerabilities. If you find a bug, we want to hear about it.
β ~ gpg --fingerprint security@twinly.inc
pub 4096R/928A 2026-01-15
Key fingerprint = 8823 1290 5582 1029 3847
uid Twinly Security Team
β ~ _