Security measures

Web application firewall

All of Korus Ticket's public endpoints are protected behind a Web Application Firewall (WAF), that provides the following security measures:

Rejection of malicious requests
Blockage of requests exploiting Web application vulnerabilities
Blockage of requests issued from suspicious IP addresses
DDOS protection

Encryption and data confidentiality

Communication between users and the Korus Ticket APIs are encrypted using publicly trusted TLS certificates supporting strong encryption and hashing algorithms.

Server and application hardening

We automatically update all of our software, packages and servers to guarantee the security of the components running the Korus Ticket APIs. Servers are configured to only contain the packages required to run our applications therefore minimising the attack surface.

Security assessments

Every code change submitted to the Korus Ticket APIs is scanned for vulnerabilities and malicious packages. The code is also submitted a human review and must pass non-regression tests before deployment.

Security measures

Web application firewall

Encryption and data confidentiality

Server and application hardening

Security assessments

Was this helpful?