Trust & Security

bluebook is designed for high performance and availability, and built on best-in-class core technologies, such as AWS, allowing us to scale confidently and securely.

We follow a multilayered approach to security with various controls including but not limited to.

Compliance

For all critical system, we rely on third party service providers who are all certified PCI DSS Level 1 service providers.

End-to-end Encryption

All network traffic is encrypted using Transport layer Security (TLS1.2+). Encryption for data at rest is automated using encrypted storage volumes.

DDoS Protection

Cloud based DDoS mitigation to maintain performance and availability.

Web Application Firewall

Enterprise-class cloud based web application firewall (WAF) protecting our applications from malicious attacks designed to compromise web servers.

DNS Security

Protection against forged DNS answers.

Bot detection & mitigation

We implement technology to protect our application from spam and abuse helping us prevent account takeover, fraud, and complex application-layer attacks.