Everything you need to know about our advances in Security
Digibee executes security penetration tests on a regular basis and we've included Pentests in our demand every 6 months. During these tests, we may find issues that require our attention and might make us go for changes or adjustments in the product to benefit you, user.
If you want to know more about our last tests, just take a look at the details below.
WHAT DO I NEED TO KNOW?
TLS: we've added a security layer in the Platform services to accept the use of TLS 1.2 or superior only. With that, the TLS protocol in the 1.0 and 1.1 versions, besides the ciphers with low security, won't be accepted in the connection attempts anymore. This change has impacted the access to the Digibee Portal and to the CORE APIs endpoint.
Recaptcha: we currently use RECAPTCHA V3 in our Platform. The main policy of this version is not to interfere in your experience as user, which means, you won't be asked if you're a robot. Given that, we've implemented a technique that blocks access identified as suspect - in the first attempt, the access will be blocked for 60 seconds; and each new login attempt will have its time doubled.
Local Session: we've adopted even more secure mechanisms for the data storage managed by the Platform in your browser.
DO I HAVE TO DO SOMETHING?
For now, all we recommend is that you upgrade your browser if it doesn't support TLS 1.2+, since our endpoints reject connections that use deprecated TLS versions.