Security-First Architecture

Security & Compliance

Built with memory safety at its core. Designed for enterprise security requirements.

Security by Design

FERRUM was built from the ground up with security as a core principle. Our architecture eliminates entire classes of vulnerabilities that plague traditional systems:

  • No buffer overflows
  • No memory corruption vulnerabilities
  • No null pointer issues
  • Thread-safe by design

Security Features

API Key Authentication

Available

SHA256-hashed API keys with configurable access levels (Read, Write, Admin). No plaintext storage.

Memory Safety

Available

Built with compile-time memory safety guarantees. No buffer overflows, no use-after-free vulnerabilities.

Network Isolation

Available

Bind to specific interfaces. Run in private networks. No public exposure required.

Data at Rest Encryption

Roadmap Q2

RDB snapshots with optional encryption. Protect your pricing data on disk.

TLS Encryption

Roadmap Q2

TLS 1.3 for all client connections. Encrypt data in transit.

Audit Logging

Roadmap Q3

Complete audit trail of all pricing changes. Who changed what, when.

Infrastructure Security

Self-Hosted Control

  • Deploy on your infrastructure
  • No data leaves your network
  • Full control over security policies
  • Integrate with existing security tools

Minimal Attack Surface

  • Single binary deployment
  • No external dependencies at runtime
  • No shell access or command execution
  • Sandboxed processing

Secure by Default

  • Authentication enabled by default
  • Restrictive default permissions
  • No anonymous access without explicit config
  • Secure configuration templates

Compliance

GDPR

Compatible

FERRUM processes pricing data, not personal data. Customer IDs are opaque identifiers. No PII storage required.

SOC 2 Type II

Roadmap 2025

Enterprise customers can request our security practices documentation. Formal certification on roadmap.

Data Residency

Available

Self-hosted deployment gives you complete control over data location. Host in any region you require.

PCI DSS

Not Applicable

FERRUM does not process payment data. Pricing data is separate from cardholder data.

Our Security Practices

Development

  • Regular dependency audits
  • Static code analysis
  • Comprehensive automated tests
  • Fuzz testing for protocol parsers

Operations

  • Signed releases
  • Minimal container images
  • Non-root execution
  • Health and readiness probes

Have Security Questions?

Our team is happy to discuss your specific security requirements and provide detailed documentation.
