App Security

SUCCESSION WILLS APP SECURITY OVERVIEW

We take security and preservation of data seriously. Our ongoing duty to our clients is to continuously invest in security and deployment improvements. We stand by our data.

The Succession Wills app is built on the MEVN stack: MongoDB, Express.js, Vue and Node.js. The app is dockerized and hosted on a remote VPS with a dedicated IP.

Internal app-level security includes:

  • Strong authentication with JWT and strict session expiry times and refreshes.
  • Hash passwords using bcrypt.
  • HTTPS for data in transit and AES-256 for data at rest.
  • Validate and sanitize all user inputs to prevent XSS and injection attacks.
  • Set secure HTTP headers with helmet.
  • Restrict API access with CORS and rate limiting.
  • Secure MongoDB with authentication and IP whitelisting.
  • Store sensitive configs in environment variables.
  • Regularly update dependencies and scan for vulnerabilities.