Security Policy

At BlipCut, security is a top priority in every aspect of our operations. We are committed to protecting our infrastructure, applications and user data through industry-leading security measures, continuous monitoring and proactive threat management. This page provides a comprehensive overview of BlipCut's security policies, and if you have any security-related questions or inquiries, please contact us at [email protected].

1. Organizational Management

Professional Security Team

Our dedicated security team utilizes state-of-the-art monitoring tools to detect and mitigate potential threats before they escalate. With 24/7 monitoring and support, we ensure rapid incident response and maintain a resilient security infrastructure to protect critical assets.

Internal Access Control

We implement strict internal controls to prevent unauthorized access to user data:

  • Employees and administrators do not have access to user data, except in limited support cases.
  • Customer support teams have only restricted access when necessary.
  • All employees sign a Non-Disclosure Agreement (NDA) upon joining to ensure customer data confidentiality.

2. Payment Information Security

All payment transactions are securely handled by Stripe, a PCI Level 1 certified service provider. We do not store any payment information, exempting us from PCI obligations.

3. Infrastructure Security

Cloud Infrastructure

All our services operate in a cloud environment, and we do not host or manage physical servers, routers, load balancers, or DNS servers. Our infrastructure is built on Linode and Alibaba Cloud, both of which provide robust security safeguards and comply with industry standards and certifications. For more details, visit:

Data Center Security

Our data centers are hosted on Alibaba Cloud and adopt a same-city disaster recovery architecture to ensure data security and business continuity. Security measures include:

  • Multi-zone disaster recovery mechanisms
  • Encrypted data storage
  • Automated backups
  • Strict access controls

Additionally, we adhere to international security standards such as ISO 27001 and PCI DSS to ensure data compliance and reliability.

4. Network Security Monitoring and Protection

We have established a multi-layered network security framework to prevent unauthorized access through:

  • Virtual Private Cloud (VPC) architecture with bastion hosts or VPN and network access control lists (ACLs)
  • Firewalls that strictly monitor and control inbound and outbound network traffic
  • Intrusion Detection and Prevention Systems (IDS/IPS) to identify and block potential malicious traffic
  • IP address filtering
  • HTTPS encryption for data in transit and AES-256 encryption for data at rest

5. DDoS Protection

We leverage Cloudflare's industry-leading CDN solution to effectively defend against DDoS attacks and ensure uninterrupted business operations.

6. Data Encryption Measures

Encryption in Transit: All data transmitted to or from our infrastructure is encrypted using industry-best practices with Transport Layer Security (TLS).

Encryption at Rest: All user data, including passwords, is encrypted using verified encryption algorithms within our database.

7. Business Continuity and Disaster Recovery

All critical assets are regularly backed up, and recovery tests are conducted periodically to ensure rapid recovery in case of a disaster.

Backup data is securely encrypted to prevent unauthorized access.

8. Application Security Monitoring

We employ security monitoring solutions to continuously analyze application security and mitigate potential threats:

  • Monitoring logs and anomalies to detect and respond to data breaches
  • Logging and storing records for audit trails of application activities
  • Using microservices and OpenTracing for real-time monitoring

9. Application Security Protection

  • Implementing runtime protection systems to intercept OWASP Top 10 vulnerabilities and business logic attacks in real time
  • Using security headers to enhance user protection
  • Utilizing security automation technologies to detect and respond to application threats automatically

10. Secure Development Practices

We enforce stringent secure development processes to ensure software security:

  • Regular security training for developers to raise awareness of common vulnerabilities and threats
  • Conducting code audits to identify and fix security issues
  • Regularly updating dependencies to eliminate known vulnerabilities
  • Using Static Application Security Testing (SAST) tools to detect fundamental security flaws in the codebase

11. User Security Protection

Account Security: Protecting user accounts from brute force attacks by monitoring and blocking unauthorized login attempts.

Role-Based Access Control (RBAC): Allowing users to define roles and permissions for granular access control.

We remain committed to transparency and ongoing improvements in our security framework. Should you have any questions, concerns, or suggestions regarding our security policies, please feel free to contact us.