Countly encrypts data at rest and in transit. We incorporate built-in Google Cloud Platform data encryption at rest using Google's Key Management Service, aligned with the industry’s best practices.
Countly has an open source application core that is evaluated and tested by contributors and bounty hunters. Additionally, we regularly hire application security experts for third-party penetration tests. These penetration testers evaluate the source code, running application, and the deployed environment.
Countly also uses high-quality static analysis tooling such as CodeQL, Deepscan, Codacy, SonarCloud, LGTM, or Dependabot, to secure our product at every step of the development process.
Countly uses Google Cloud Platform to host our application. We make full use of the security products embedded within the GCP ecosystem.
Additionally, we also separate each customer's data and resources in completely separate instances.