Saltar al contenido principal
NexoDash
Back to homeSign in

Security

Last updated: 2025-11-28

Security at NexoDash

Overview of our data protection practices and how to report incidents or vulnerabilities.

Encryption

TLS 1.3 for all communications. HSTS with preload enabled.

Access control

Secure authentication, expiring JWT tokens, role-based access control.

Monitoring

Audit logs, anomaly detection, real-time alerts.

Security headers

  • Content Security Policy (CSP)

    Prevents XSS and injection attacks

  • HSTS Preload

    Enforces HTTPS with a 1-year max-age

  • X-Frame-Options

    Protects against clickjacking

  • X-Content-Type-Options

    Prevents MIME sniffing

  • Referrer-Policy

    Controls referrer information

  • Permissions-Policy

    Restricts browser APIs

Infrastructure

  • Daily backups

    30-day retention, periodic restore tests

  • Data isolation

    Each tenant’s data is fully isolated

  • Updates

    Dependencies kept current, vulnerability scanning

  • CDN & DDoS

    Edge-level protection with Cloudflare/Vercel

Incident response process

Initial response to reports
72h
Critical incident notification
24h
Deadline to patch reported vulnerabilities
90 days

Report vulnerabilities

If you find a vulnerability or security incident, email us at security@nexodash.com with technical details. We will investigate and respond promptly.

security@nexodash.com ↗

General support: info@nexodash.com · +1 786 436 7132

PrivacyTermsCookiesData requestSubprocessors

© 2026 NexoDash LLC