// Security Protocol v2.5
Security_
Last updated: January 15, 2026
01. Transit & Encryption
All data transmitted between your node and our API is encrypted using TLS 1.3 with AES-256-GCM algorithm. We maintain an A+ Rating on SSL Labs by enforcing strict HSTS policies and disabling legacy cipher suites (TLS 1.0/1.1).
02. Data At Rest
User databases are architected with TDE (Transparent Data Encryption). Sensitive keys and environment variables are managed via AWS Key Management Service (KMS) or Vault-grade storage. We never store raw passwords; all authentication is handled via Argon2id or enterprise-grade OAuth providers.
03. Infrastructure Hardening
Our architecture is firewalled at the edge using Cloudflare WAF to filter SQLi, XSS, and bot-driven attacks. Internal access to the production layer is restricted through Zero-Trust Network Access (ZTNA) and multi-factor authentication.
04. Vulnerability Disclosure
We value the security community. If you identify a security flaw within our infrastructure, please report it immediately to our security cell. We practice a Responsible Disclosure Policy and do not seek legal action against researchers acting in good faith.
Reporting Endpoint: support@avrxt.in
05. Disaster Recovery
To ensure business continuity, we maintain encrypted, off-site backups with 99.999999999% durability. Our recovery-time objective (RTO) for mission-critical intake terminals is less than 4 hours.