Join Nabda waitlist
droq
Join Waitlist

Security

Our commitment to protecting your data and ensuring platform security

Security First Approach

At Droq, security is fundamental to everything we do. We employ enterprise-grade security measures to protect your data, ensure platform integrity, and maintain the highest standards of information security across our AI-powered market intelligence platform.

Our security framework is designed to protect against evolving threats while maintaining the performance and reliability you expect from our services.

Data Protection and Encryption

End-to-End Encryption

All data transmission uses AES-256 encryption with TLS 1.3 protocols

Data at Rest Encryption

Database and file storage protected with advanced encryption standards

Key Management

Hardware security modules (HSMs) for cryptographic key protection

Zero-Knowledge Architecture

Sensitive data processing without exposing raw information

AdvancedEncryption Standards

We use industry-leading encryption algorithms including AES-256, RSA-4096, and elliptic curve cryptography to ensure your data remains secure both in transit and at rest.

Infrastructure and Platform Security

Cloud Security

SOC 2 Type II compliant infrastructure
ISO 27001 certified data centers
Multi-region redundancy
99.9% uptime SLA
DDoS protection and mitigation
Continuous security monitoring

Network Security

  • Virtual Private Cloud (VPC) with network segmentation
  • Web Application Firewall (WAF) with custom rule sets
  • Intrusion detection and prevention systems (IDS/IPS)
  • Advanced threat intelligence and anomaly detection
  • Regular penetration testing and vulnerability assessments

AI System Security

  • Secure AI model training and deployment pipelines
  • Model integrity verification and tampering detection
  • Isolated compute environments for AI processing
  • Adversarial attack protection and monitoring
  • Explainable AI for transparency and audit trails

Access Control and Authentication

Multi-Factor Authentication

  • TOTP (Time-based One-Time Passwords)
  • SMS and email verification
  • Hardware security keys (FIDO2/WebAuthn)
  • Biometric authentication support

Role-Based Access Control

  • Principle of least privilege
  • Granular permission management
  • Automated access reviews
  • Session management and timeout

Zero Trust Security Model

We implement a zero trust approach where every request is verified, regardless of location or user credentials. This ensures maximum security for your account and data access.

Compliance and Certifications

SOC 2 Type II

Service Organization Control

ISO 27001

Information Security Management

GDPR Compliant

European Data Protection

Financial Industry Compliance

  • SOX (Sarbanes-Oxley) compliance for financial reporting
  • PCI DSS standards for payment card data security
  • MiFID II compliance for European markets
  • Anti-Money Laundering (AML) and Know Your Customer (KYC) procedures
  • Data residency requirements and cross-border transfer protocols

Regular Audits and Assessments

We undergo regular third-party security audits, compliance assessments, and penetration testing to ensure our security measures meet the highest industry standards.

Incident Response and Monitoring

24/7 Security Monitoring

Our Security Operations Center (SOC) provides round-the-clock monitoring, threat detection, and incident response capabilities to ensure rapid identification and mitigation of potential security threats.

Incident Response Plan

  • Immediate threat isolation and containment procedures
  • Forensic analysis and impact assessment protocols
  • Customer notification within required timeframes
  • Regulatory reporting and compliance procedures
  • Post-incident review and improvement processes

Threat Intelligence

We leverage advanced threat intelligence feeds, machine learning-based anomaly detection, and behavioral analytics to proactively identify and respond to emerging security threats.

Your Role in Security

While we implement comprehensive security measures, your security practices are equally important. Here are recommendations to help protect your account:

Best Practices

  • Use strong, unique passwords
  • Enable multi-factor authentication
  • Keep your software up to date
  • Log out when using shared devices
  • Monitor your account activity regularly
  • Report suspicious activity immediately

Avoid These

  • Sharing account credentials
  • Using public Wi-Fi for trading
  • Clicking suspicious links in emails
  • Installing unauthorized software
  • Ignoring security alerts
  • Using weak or reused passwords

Security Contact and Reporting

Report Security Issues

If you discover a security vulnerability or incident, please report it immediately:

Security Team: security@droq.com

Emergency Hotline: Available 24/7 through your account

Bug Bounty Program: security-bounty@droq.com

Responsible Disclosure

We appreciate responsible disclosure of security vulnerabilities. We will work with security researchers to verify and address reported issues promptly while protecting our users.

Security Updates and Improvements

We continuously enhance our security measures based on evolving threats, new technologies, and industry best practices. Regular security updates and improvements are deployed automatically to ensure your data remains protected with the latest security technologies.