Security

How we protect your data and credentials.

Encryption

All traffic to openwire.sh and api.openwire.sh is TLS 1.2+ only. Credentials (cookies, OAuth tokens, passwords) and API keys are AES-256-GCM encrypted at rest using rotated per-environment keys. API keys are stored as hashes; the full key is shown only once at creation.

Infrastructure

Wire runs on Amazon Web Services. Services are isolated per environment, run in private subnets, and are fronted by load balancers that terminate TLS. Production secrets live in AWS Secrets Manager and KMS.

Access control

Database and secret access is restricted to the application IAM role. Engineers reach production only through reviewed, audit-logged break-glass sessions, with least-privilege roles and mandatory MFA on all administrative accounts.

Data segregation and backups

Customer data is logically segregated per organization. Databases are backed up automatically with point-in-time recovery, and backups are encrypted and purged on a defined retention schedule.

Sub-processors

We rely on a short list of vetted sub-processors: AWS (hosting and key management), Stripe (payments), Google (optional OAuth), and Mixpanel (opt-in analytics). Each is bound by contract to protect your data.

Vulnerability management

Dependencies are monitored for known vulnerabilities and patched on a risk-based schedule. We run automated checks in CI and review changes that touch authentication, data handling, or external interfaces before release.

Incident response

We maintain an incident-response process with defined severities and on-call ownership. If a breach affects your data, we will notify you without undue delay and in line with applicable law.

Audit and compliance

We are SOC 2 Type II audited and ISO 27001:2022 certified. Reports are available under NDA; email support@anakin.io.

Responsible disclosure

Found something? Report it to support@anakin.io. We acknowledge within one business day and aim to fix high-severity issues within seven days. We do not pursue legal action against good-faith research that respects user privacy and avoids service disruption.