SRVControl is built with security in mind.

What are you doing to protect API keys?

Handling API keys correctly has and always will be, a priority.

Below are just some of the security measures we have taken:

  • We use the Zero Trust security model.
  • We use HashiCorp Vault for encrypting and managing API keys.
  • None of our systems accept inbound network traffic.
  • We use 2FA (Two-Factor Authentication) wherever possible.
    • We use hardware security keys.
  • SRVControl doesn’t use static usernames and passwords for database access.
    • Credentials automatically rotate regularly.