Security Overview
Enterprise-grade security protecting your marketing data
Security First
Built with security as a foundational principle
1. Authentication & Authorization
OAuth 2.0
All connections to advertising platforms use industry-standard OAuth 2.0:
- No passwords stored — delegated authentication
- Scoped permissions — minimum required access
- Revocable access tokens — disconnect anytime
- Encrypted token storage — AES-256 in secrets vault
Role-Based Access Control (RBAC)
V
Viewer
Read-only access to reports
E
Editor
Configure campaigns and alerts
A
Admin
Manage users and billing
A
Auditor
Access audit logs
2. Data Protection
Encryption at Rest
- • AES-256 for all stored data
- • Per-tenant encryption keys
- • 90-day key rotation
- • HSM key management
Encryption in Transit
- • TLS 1.3 for all connections
- • Certificate pinning
- • HSTS enforced
- • No legacy protocols
3. Infrastructure Security
Hosting & Network
Atlas is hosted on secure infrastructure in Germany (EU jurisdiction):
✓ISO 27001 certified data centers
✓Private VPC with firewall rules
✓Multi-layer DDoS protection
✓Real-time threat detection
Application Security
- •CSP headers prevent XSS
- •Parameterized queries (no SQL injection)
- •CSRF protection
- •Rate limiting on all APIs
- •Input validation & sanitization
- •Secure session management
4. Compliance
🇪🇺
GDPR
Full EU data protection compliance
🔐
ISO 27001
Information security management
✅
SOC 2 Type II
Security & availability controls
Report Security Issues
If you discover a security vulnerability in Atlas, please report it responsibly:
Email: security@link11.com
We commit to acknowledging reports within 24 hours and providing a timeline for resolution.