Skip to main content
All CollectionsSecurity
Infrastructure & Application Security
Infrastructure & Application Security

Information about Tanda's infrastructure & application security.

Updated over a year ago

Where is Tanda hosted?

Tanda is a SaaS company, and uses Amazon Web Services (AWS) to host our application. Tanda operates in multiple regions. For customers using my.tanda.co,  we host the platform in AWS Sydney. For customers using eu.tanda.co, we host our data in AWS Frakfurt.

Tanda generally follows the AWS Well-Architected framework: https://aws.amazon.com/architecture/well-architected/ 

What information can I use to update my organization's firewall rules to allow Tanda?

Tanda operates with the following domain names:

Tanda does not guarantee our traffic comes from the same static IP address. Contact us if you require more information.

Is Tanda ISO27001 or SOC-2 compliant?

Yes, as of June 2022 Tanda has received its SOC2 Type 2 audit certification. Interested parties may view the document in its entirety by completing the access request step to our security portal by clicking the image below or going directly to https://security.tanda.co/.

Does Tanda get security tests done by third parties?

Yes. Tanda sponsors and operates a fully funded "bug bounty" program via Hackerone. Their team of researchers have been hand picked for their expertise in working with products with similar design structure and attack vectors. Learn more here.

Are the servers that host Tanda publicly accessible?

No.

Does Tanda use Firewalls?

Yes, we are able to separate our servers & database(s) from the public internet and each other, with access controlled through strict firewalls.

Does Tanda manage data centres?

No, Tanda does not manage any Data centers. We use AWS, and they take on that responsibility. Read more about their shared responsibility model here: https://aws.amazon.com/compliance/shared-responsibility-model/ 

Does Tanda use intrusion detection systems?

 Yes

Did this answer your question?