Data Security and Compliance
Moesif is designed with security and compliance in mind. All data is encrypted in transit and at rest. Very sensitive applications can leverage a zero-knowledge security architecture with on-premises client-side encryption and Bring Your Own Key (BYOK).
Have peace of mind with features like audit logs and fine-grained access control while knowing your data sits in globally-distributed data center partners with ISO27001, SOC 2 and PCI DSS compliance.
Client-side encryption
For sensitive applications and strict compliance, leverage client-side encryption for zero-knowledge security.
With Bring Your Own Key (BYOK) not even Moesif can decrypt or access your data.
Automatic key rotation with connectors for AWS Key Management Service (KMS), AWS CloudHSM, and more.
Data Security
Encryption Everywhere
Military-grade AES256 encryption for all data at rest and in motion. For extra security, enable client-side encryption with Bring Your Own Key.
Secure API Keys
Collector keys are write-only and suitable for untrusted apps. Management API keys can be limited to specific apps and data.
Secure, Multi-tenant Architecture
Data is isolated from each other preventing any leakage or exchange of information.
Data Scrubbing
SDKs support masking any sensitive data before it leaves your network. Log everything or blacklist/whitelist specific fields.
Access Control
Enterprise Single Sign-on
Enterprise SSO supported for most identity providers including Active Directory, SAML and Okta simplifying account provisioning.
Audit Logs
Audit logs allows admins to monitor team member actions affecting your Moesif account and it's data.
Roles and Custom Permissions
Custom roles enable fine-grained access control. Limit access to features like bulk export or API keys to trusted team members.
Breached Password Protection
Moesif will alert your team members when a reused password was leaked even on other websites.
Ready to get started?
Join thousands of customer-driven teams using Moesif to understand API usage