Last updated June 11, 2024
Our Commitment to Security
At LangWatch, we understand that security and reliability are fundamental for your trust in our services and a strong requirement for many of our customers dealing with sensitive and private data. Our dedicated approach to security encompasses rigorous measures and protocols to safeguard your data at every level.
How We Protect Your Data
Infrastructure Security: LangWatch leverages a multi-faceted infrastructure, predominantly hosted on AWS, Elastic Cloud, and Vercel. This diversified approach ensures robust security capabilities and compliance with industry standards like SOC2, GDPR, and ISO 27001.
Data Storage and Encryption: Your data is securely encrypted both in transit and at rest, utilizing AES256 encryption across AWS, Elastic Cloud instances and Redis queues. This encryption is bolstered by our commitment to using only SOC2, GDPR, and ISO 27001 compliant services, namely Google Cloud, Elastic and Vercel.
Data Privacy and PII Handling: We take privacy seriously. Personally Identifiable Information (PII) received by our service is automatically identified by Google Cloud's DLP algorithm and redacted from the received data before any storage takes place, ensuring compliance with privacy regulations and safeguarding user data.
Access Control and Secret Management: Access to sensitive data is stringently controlled. We employ a role-based access control (RBAC) system to ensure that only authorized personnel have access to specific data segments. Only for troubleshooting, and with your permission, can personnel within LangWatch access it. Environment variables and secrets are securely managed within our Google Cloud and Vercel host providers, ensuring that sensitive information is accessible only to those who need it.
Advanced Authentication Security with Auth0: Secure access to LangWatch is managed through Auth0, which maintains up-to-date encryption algorithms and adheres to stringent security protocols, providing a highly secure authentication system. This integration ensures advanced protection against unauthorized access, with the added flexibility of Single Sign-On (SSO) functionality available upon request.
Compliance and Certifications: While LangWatch is currently in the process of obtaining formal certifications, we rigorously adhere to GDPR and SOC2 practices. Our commitment to these standards underlines our dedication to maintaining a secure and compliant platform.
Scalability and Reliability
Auto-scalable: LangWatch is built on a serverless architecture, offering auto-scalability to efficiently handle high volumes of traffic. This setup ensures high availability and reliability of our services, without the need for physical infrastructure management.
Robust Backup Systems: Both SQL and Elasticsearch on our infrastructure are equipped with comprehensive backup solutions. Regular, encrypted backups ensure that customer data is not only secure but also readily recoverable in the event of any unforeseen data loss.
Development and Operational Security
Training and Awareness: New employees undergo extensive onboarding training focused on our security-first culture, with regular updates as security landscapes evolve.
Vulnerability Management: Our vulnerability management primarily utilizes GitHub’s Dependabot, continuously scanning our codebase for potential vulnerabilities. This proactive approach allows us to address security issues swiftly and effectively.
Separate Environments: LangWatch’s development environment is completely isolated from production, ensuring that any changes are thoroughly tested in a secure setting before deployment. This separation is crucial in maintaining the integrity and security of our platform.
Monitoring and Alerting: Comprehensive monitoring systems are in place for infrastructure health and application runtime errors, enabling prompt response to any issues.
Audit Trails and Record Keeping: Robust audit trails are maintained for all operations, complying with SOC2 standards and ensuring traceability and accountability.
Incident Management and Response
We are prepared for security incidents; this includes prompt notification of and cooperation with affected customers, as well as compliance with regulatory requirements such as GDPR Article 33.
International Data Handling and Transfers
LangWatch ensures that all international data transfers are compliant with GDPR, working exclusively with vendors inside the EU.
Contact and Reporting
For any security concerns or to report vulnerabilities, please contact our security team at security@langwatch.ai.