Trust & Security

bluebook is designed for high performance and availability, and built on best-in-class core technologies, such as AWS, allowing us to scale confidently and securely.

We follow a multilayered approach to security with various controls including but not limited to.


For all critical system, we rely on third party service providers who are all certified PCI DSS Level 1 service providers.

End-to-end Encryption

All network traffic is encrypted using Transport layer Security (TLS1.2+). Encryption for data at rest is automated using encrypted storage volumes.

DDoS Protection

Cloud based DDoS mitigation to maintain performance and availability.

Web Application Firewall

Enterprise-class cloud based web application firewall (WAF) protecting our applications from malicious attacks designed to compromise web servers.

DNS Security

Protection against forged DNS answers.

Bot detection & mitigation

We implement technology to protect our application from spam and abuse helping us prevent account takeover, fraud, and complex application-layer attacks.