Security First

eSolia Nexus is built with security at its core, following international standards to protect your data.

OWASP Top 10
ISO 27001/27002
FSA Guidelines

Data Protection

All data is encrypted in transit with TLS 1.3 and encrypted at rest. Your information is stored securely in Cloudflare infrastructure.

Access Control

HMAC-SHA256 authentication with nonce replay prevention. Role-based permissions ensure apps only access what they need.

Privacy by Design

PII obfuscation protects recipient data. Encrypted preferences with automatic expiry. Comprehensive audit trails.

Global Infrastructure

Powered by Cloudflare's edge network with built-in DDoS protection and configurable data residency.

Compliance Ready

Designed to help you meet FSA cybersecurity guidelines and ISO 27001 requirements with built-in tracking.

Secure Development

Built following OWASP Top 10 guidelines with regular security audits, dependency scanning, and code review.

OWASP Top 10 Compliance

We address each OWASP Top 10 risk category with specific security controls:

A01 Broken Access Control: HMAC auth, nonce replay prevention
A02 Cryptographic Failures: TLS 1.3, SHA-256, constant-time comparison
A03 Injection: D1 parameterized queries, XSS escaping
A04 Insecure Design: Two-factor access, defense in depth
A05 Security Misconfiguration: Secure defaults, security headers
A06 Vulnerable Components: npm audit, minimal dependencies
A07 Auth Failures: Rate limiting, PIN brute force protection
A08 Data Integrity: HMAC signing, audit logs
A09 Logging Failures: Comprehensive audit and access logs
A10 SSRF: No user-controlled URLs