Trust Center
By The Krptn Project
Transparency
We believe that being transparent about our code, and other implementation details are curcial to gain trust. Therefore, we have our security model easily accessible and our project is free and open source (FLOSS). Any doubts about our code, check it on GitHub for the source of truth!
Note: Krptn, without prior interactions initiated by you, will never reach out to you for personal information. This information could help you in identifying scam.
Our suppliers
We regularly update our list of providers, and the services we use to ensure full transparency.
GitHub
We use GitHub for:
- Issue Tracking
- Continuous Integration
- Dependency Management
- Code Scanning
- Secure source code management
Microsoft Azure
On Microsoft Azure we do:
- Website hosting
- Cloud storage
We use Google services for:
- Communication (Gmail)
- Collaboration (Google Drive)
- Website Usage Analytics
Cloudflare
From Cloudflare, we use the following services:
- DDoS protection
- CDN
- SMTP relay for incomming mail
Twillio SendGrid
- SMTP relays for outgoing mail
Code Dependencies
In addition to the above listed providers, Krptn’s code also depends on several open source projects.
For the full list, please view our dependency graph on GitHub but the most significant dependencies are:
- Python
- SQLAlchemy
- LibSodium
- DuoLab’s WebAuthn Python extension
Open Source projects our website uses
Our website and documentation uses to following Open Source projects to function:
- Sphinx
- Read The Docs Theme
- GoHugo
- Our custom modified version of Ananke Theme
- Google AMP
Security Policy
We have a Security Policy which defines the reporting process for vulnerabilities.
We aim to fix, release and disclose vulnerabilities as soon as we can. However, may not diclose a vulnerability until we have released a fix for it.