Security
Keep the Magic of Human Connection Alive in a Safe and Trusted Environment!
The objective of the Fleggi Security Team is to create the best security organization in the world, guaranteeing that our members have a private and secure space to keep the magic of human connection alive.
Because you have entrusted Fleggi with your data, we place a high focus on the security of our application and the privacy of your data. Our commitment to you includes ensuring that we have a strong, transparent, and responsible security program.
Internal Security Procedures at Fleggi
Fleggi’s security program keeps our company and your data safe at all times by combining industry-leading security architecture, responsible data practices, and security and privacy best practices to stay ahead of the growing number of threats to internet services and infrastructure. The following domains are the focus of our security program:
Internal Information Security Program
Within Fleggi’s digital environment, we work to strengthen security and reduce risk. Using the least privilege paradigm, we proactively create secure access protocols and network architecture to enable systematic control of internal access to Fleggi’s facilities, systems, and resources. Internally, Fleggi requires the use of two-factor authentication (2FA).
Security Infrastructure
Security is developed and incorporated at all levels of our development lifecycle to enable the creation of better, safer products and to ensure secure design and engineering principles. Our internal teams do rigorous security design evaluations and assessments on our apps and systems, including new features, code, and configuration modifications. Many of these applications and systems are also subjected to independent and rigorous pen tests by recognized third-party security experts on a regular basis.
Governance, Risk, and Compliance
At Fleggi, security awareness starts on the first day and continues throughout the company. Every new employee receives security and privacy training upon hire, as well as on an annual basis. At Fleggi, everyone is responsible for security. To secure our systems and member data, we have built and enforced physical, operational, and technical controls, as well as security policies and procedures. We do in-depth examinations of our third-party vendors’ security posture in addition to rigorous internal security risk assessments.
Offensive security testing
Our internal Red Team identifies previously unknown security weaknesses in current systems and workflows. This group replicates real-world attacks on all sections of the business and prioritizes security posture levelling to fix the most vulnerable areas. Our goal is to acquire insight into potential vulnerabilities and to test regularly to lessen the risk of a data breach.
Monitoring and Threat Management
All access to our infrastructure and systems is logged and monitored in real time. The security monitoring, investigation, threat hunting, and response program at Fleggi guarantees that we are notified of security incidents and that we investigate, triage, and remediate them correctly.
Security Vulnerabilities Reporting
Fleggi values the contributions of security researchers in identifying potential concerns and approaches to improve the security of our applications, infrastructure, and member data. We encourage security researchers to report any possible vulnerabilities discovered to our Bug Bounty program in a responsible manner. We are committed to dealing with security issues responsibly and promptly. Please do not share information regarding any potential vulnerabilities with anyone outside of Fleggi until we have had the opportunity to analyze and fix them with you. We appreciate your efforts to make Fleggi safe for our users.