Security

We understand that the data you entrust us with must stay safe and away from prying eyes. Staying up to date on the current security threats out there, we make sure your data stays yours only.

There are multiple attack vectors

In an environment as vast and complex as the internet, there are multiple attack vectors that need to be taken into account when developping secure applications. Code- and SQL-Injection or Cross Site Scripting (XSS) are only some of the vectors that could breach a vulnerable web application. Even if your application isn't going to be directly accessible from the web, an attacker could still attempt to gain access or make the application do his bidding by resorting to Cross Site Resource Forgery (XSRF) or even Social Engineering.

Your application isn't even the only point of attack. The machine that physically hosts your application, its operating system, the web or database server software, all of those entry points need to be equally taken into account in order to mitigate the most common threats. To keep your server environment safe we also closely monitor CVE security vulnerability databases as well as a handful of renowned security mailing lists.

At home in the security community

At TenTwentyFour1024, we're not only keeping up to date on the latest of vulnerabilities and security risks from magazines and websites. We're active members of the IT security landscape and have been attending or have even been implicated in the organization of security conferences such as the Chaos Communication Congress, hack.lu or the local haxogreen summercamp for almost a decade.

We stay connected, even when we're not travelling. TenTwentyFour1024 values its ties to the national Computer Emergency Response Teams and its mutually beneficial relationship with the local hacker and security community. When hiring, the hacker community is the first place we'll be looking at.

Securing your applications

While developping your applications, we take care of sanitizing all possible user input and thus securing input fields against all forms of code or sql injection. Sensible data, whether accessible through the internet or hosted in your local area network only, will be secured against eavesdropping through SSL/TLS encryption. Access to your applications will be secured through sensible authentication procedures using proper hashing algorithms.

If you're hosting your application with us or entrust us with the administration of your server infrastructure, all server configurations will be checked for known vulnerabilities and the packages kept in sync with the latest security updates.