Data Security & Compliance

Moesif is designed with privacy and security in mind from the very beginning with secure, multi-tenant architecture while your data is encrypted in transit and at rest. Moesif is certified with both the EU-US and Swiss-US Privacy Shield Framework and our globally-distributed data center partners are ISO27001, SOC 2 and PCI DSS compliant.

SECURITY PRACTICES

Data scrubbing

Moesif’s SDKs support masking any sensitive data before it even leaves your network. You can choose to log the entire HTTP body, whitelist or blacklist specific keys, or scrub the body entirely. You’re in control.

Easy compliance

Easily handle GDPR requests like Right to Erasure or Right to Access requests within the web UI or programmatically through the API with just an email or user id. Selectively block or allow data collection for individual companies and users with a simple switch.

Secure API keys

Moesif Collector keys are write-only API keys suitable for use in public facing applications and limit access to a specific project or environment. Moesif’s Management API keys can be both time and resource scoped to limit access.

Encryption everywhere

Moesif applies military grade AES256 encryption to your data at rest, while in motion, even within our own network. Moesif's SSL implementation received an "A" from Qualsys' SSL Labs.

Enterprise sign-on ready

Our enterprise plans support sign-on via Active Directory, LDAP, SAML and others to ensure only authorized employees can access Moesif while streamlining identity management. Audit Log enables you to control and monitor access of information and data.

Ready to get started?

Join over 2,000 organizations using Moesif to understand API usage and improve key metrics.