Client security has always been a top priority for all of us in NestForms, and we place high value in ensuring you have confidence in the security of your data. With this in mind we make every effort to maintain your data in as safe an environment as possible.
Over the last year, NestForms has been working on several security updates to keep your data safe.
These include an enhanced CSP that adds an additional layer of security to help detect and diminish certain types of attack, including Cross Site Scripting (XSS) and data injection attacks.
NestForms has also intensified our use of XSS Tokens ensuring every request that modifies data in your account requires an additional security token confirming that request is not received from an invalid or non authorised source.
We also ensure that regular OWASP approved penetration tests take place on the NestForms platform to identify potential areas of risk, as well as ensuring we can apply effective countermeasures and mitigation strategies. We are also happy to confirm that the NestForms retesting was completed without any medium, high or critical risk issues - see certificate.
We will also be shortly launching a bug bounty program, where we hope to invite ethical hackers to help us uncover any significant security vulnerabilities on the NestForms platform. We will have more info on this next Month.
For more information on the provisions we consider as standard security measures, please check out our Data protection policy.