xappex-icon-logo-dark Get Started Free

Your Data Security is Our Priority

At Xappex, we prioritize your data’s safety with advanced encryption, robust

access controls, and industry-leading compliance standards.

xappex-icon-logo-default Visit Xappex Trust Center

Trusted by exceptional brands around the world

Coastal Logo
Uber Logo
Coca Cola Logo
Sf Ben Logo
Master Card Logo
Miro Logo
Nvidia Logo
Range Logo
Linkedin Logo
Dropbox Logo
Payoneer Logo
flash-icon How It Works

Our commitment to security

SOC for Service Organizations

Xappex follows the SOC 2 (System and Organization Controls 2) framework to ensure that our services meet the highest standards of security, availability, processing integrity, confidentiality, and privacy. Our Commitment

  • Data Security: Implementing strict access controls and encryption.
  • Operational Excellence: Maintaining robust monitoring and auditing processes.
  • Regulatory Compliance: Regularly undergoing independent third-party audits to verify compliance.
flash-icon Products Security

Cloud Security

Cloud Infrastructure Security

All of our services are hosted with Amazon Web Services (AWS).

Data Hosting

All databases are located in the United States.

Encryption at Rest

All databases are encrypted at rest.

Encryption in Transit

Our applications encrypt in transit with TLS 1.2/SSL only.

Vulnerability Scanning

We actively monitor and log various cloud services.

Logging and Monitoring

We perform vulnerability scanning and actively monitor for threats.

Incident Response

We have a process for handling information security events which includes escalation procedures, rapid mitigation and communication.

Business Continuity and Disaster Recovery

We use our data hosting provider’s backup services to reduce any risk of data loss in the event of a hardware failure. We utilize monitoring services to alert the team in the event of any failures affecting users.

flash-icon Access Security

Access Security

Permissions and Authentication

Access to cloud infrastructure and other sensitive tools are limited to authorized employees who require it for their role.

Least Privilege Access Control

We follow the principle of least privilege with respect to identity and access management.

Quarterly Access Reviews

All company issued laptops utilize a password manager for team members to manage passwords.

Password Requirements

All team members are required to adhere to a minimum set of password requirements and complexity for access.

Culture of Security and Compliance

Third-party Audits

Our organization undergoes independent third-party assessments to test our security and compliance controls.

Roles and Responsibilities

Roles and responsibilities related to our Information Security Program and the protection of our customer’s data are well defined and documented.

Third-Party Penetration Testing

We perform an independent third-party penetration at least annually to ensure that the security posture of our services is uncompromised.

Security Awareness Training

Our team members are required to go through employee security awareness training covering industry standard practices and information security.

Confidentiality

All team members are required to sign and adhere to an industry standard confidentiality agreement prior to their first day of work.

Background Checks

We perform background checks on all new team members in accordance with local laws.

Downloadable Security Resources

To request Xappex most recent SOC 2 Type 2 report, penetration test report, PCI DSS certificate or to download any security related document or policy please visit Xappex Trust Center

xappex-icon-logo-default Visit Xappex Trust Center