Security & Trust Center

All traffic between your browser and Pulse is encrypted using modern TLS (HTTPS). HTTP requests are automatically upgraded to HTTPS, and we use HSTS to prevent protocol downgrade attacks.

Any data we store on our behalf is encrypted at rest using AES-256 by our cloud provider. Cryptographic keys are managed by a hardware-backed key management service with strict access auditing.

Pulse runs on hardened, SOC 2 / ISO 27001 certified cloud infrastructure with isolated compute environments, private networking, and least-privilege service accounts.

Our edge network provides automatic Layer 3/4 and Layer 7 DDoS mitigation, a managed Web Application Firewall (WAF), and global rate-limiting to keep the service available during attacks.

Configuration and application data are backed up on a regular schedule with encrypted, geo-redundant storage. Backups are integrity-checked and restoration is tested periodically.

Internal access is gated by single sign-on with mandatory multi-factor authentication, role-based access control, and just-in-time elevation. All privileged actions are logged.

We continuously monitor for anomalous traffic, run automated dependency and container vulnerability scans, and patch on a defined SLA. Critical issues are triaged 24/7.

If you believe you've found a security vulnerability, please email security@mydomain.com. Please give us a reasonable window to investigate and remediate before public disclosure. We do not pursue legal action against good-faith researchers.

While we work hard to protect Pulse, no platform — including ours — can guarantee absolute security. Use strong, unique passwords on any account you connect, keep your browser updated, and report anything suspicious to the address above.