RELAYTO has partnered with Cloudflare, the leader in Web Performance and Security on the Web, in order to benefit from its Cloud Web Application Firewall (WAF). Cloudflare’s WAF protects RELAYTO from the OWASP top 10 vulnerabilities by default. These OWASP rules are supplemented by 148 built-in WAF rules.

- Injection
- Broken authentication and session management
- Cross-site scripting (XSS)
- Insecure direct object references
- Security misconfiguration
- Sensitive data exposure
- Missing function-level access control
- Cross-Site Request Forgery (CSRF)
- Using components with known vulnerabilities
- Unvalidated redirects and forwards

Brief overview: Cloudflare sees roughly 2.9 million requests every second, and our WAF is continually identifying and blocking new potential threats. When a Cloudflare customer requests a new custom WAF rule, Cloudflare analyzes whether it applies to all 4,000,000 domains on the network. If it does, we automatically apply that rule to everybody on our network. The more web properties on the network, the stronger the WAF gets, and the safer the Cloudflare community becomes.

On top of Cloudflare's WAF protection, RELAYTO sanitizes all input as an additional layer of protection against injection attacks.

For web widget/embed security, RELAYTO works with Embedly, and together we maintain the whitelist of web services that can be used in RELAYTO. All web widgets/embeds are securely iframed to avoid interference with your content. RELAYTO also lets you further tighten iframe security by modifying the iframe permissions.

How is your physical infrastructure protected?

RELAYTO utilizes Amazon Web Services (AWS) data centers. Amazon data centers have been accredited under several certificates (including ISO 27001). AWS maintains a high level of physical security to safeguard its data centers. Among other things, they employ two-factor authentication for all their authorized staff members, military-grade perimeter controls, and security staff at all ingress points.