Your assets and data are protected by multiple layers of defense — from cold storage custody to real-time threat monitoring.
We apply the same custody standards used by institutional asset managers and regulated financial entities.
The vast majority of customer assets are held in air-gapped, geographically distributed cold storage vaults. These wallets have never been connected to the internet and require in-person, multi-party authorization for any movement of funds.
All hot and cold wallets use multi-signature (multisig) technology requiring M-of-N key holders to approve any transaction. No single employee or system can unilaterally move funds. Key holders are distributed across different jurisdictions and time zones.
Ironbrand maintains a dedicated insurance reserve fund to cover potential losses from security incidents. The fund is capitalized from a portion of trading fee revenue and is held in segregated, audited accounts separate from operational funds.
Enterprise-grade encryption and network security protect every interaction with our platform.
All sensitive data — including personal information, API secrets, and internal credentials — is encrypted at rest using AES-256, the same standard used by intelligence agencies and banks worldwide. Encryption keys are managed through a dedicated Hardware Security Module (HSM) with strict access controls.
All data in transit between your browser/API client and our servers is encrypted using TLS 1.3 with perfect forward secrecy. We enforce HSTS (HTTP Strict Transport Security), use certificate pinning for mobile apps, and support only modern cipher suites with no legacy fallbacks.
Our infrastructure is distributed across multiple availability zones with enterprise-grade DDoS mitigation that absorbs volumetric attacks exceeding 1 Tbps. Traffic scrubbing, rate limiting, and intelligent traffic analysis ensure platform availability even during sophisticated attacks.
Critical systems — the matching engine, wallet infrastructure, and user database — run on isolated networks with no direct internet access. Internal communication uses mutual TLS authentication. Database access is restricted to specific service accounts with audit logging on every query.
Multiple layers of authentication and monitoring ensure that only you can access your account.
We strongly encourage all users to enable 2FA using a TOTP authenticator app (Google Authenticator, Authy, or similar). 2FA is required for withdrawals, API key creation, and security setting changes. We also support hardware security keys (YubiKey, FIDO2) for the highest level of protection.
Every login attempt triggers an email notification with IP address, device fingerprint, and approximate location. Logins from new devices require email verification. You can view and revoke active sessions from your security dashboard at any time.
Enable withdrawal address whitelisting to restrict crypto withdrawals to pre-approved addresses only. Adding a new address requires 2FA confirmation and has a 24-hour security hold before it becomes active, giving you time to react to unauthorized changes.
Set a personal anti-phishing code that appears in every legitimate email from Ironbrand. If an email does not contain your code, it is not from us. This simple measure stops the majority of phishing attacks before they can succeed.
API sessions have configurable timeouts. Web sessions expire after 30 minutes of inactivity. You can terminate all active sessions with a single click. Concurrent session limits prevent account sharing and reduce exposure from compromised credentials.
Our risk engine monitors account activity 24/7 using behavioral analytics. Unusual patterns — such as login from a new country, rapid withdrawal requests, or abnormal trading activity — trigger automatic security holds and human review.
Security is not a one-time achievement. We continuously test, audit, and improve our defenses.
We engage independent, third-party security firms to conduct comprehensive penetration tests on a quarterly basis. These tests simulate real-world attack scenarios against our web application, API, mobile apps, and internal infrastructure. All findings are remediated before the next test cycle, and critical vulnerabilities are patched within 24 hours of discovery.
We maintain an active bug bounty program that rewards security researchers for responsibly disclosing vulnerabilities. Bounties range from $250 for low-severity issues to $50,000 for critical vulnerabilities affecting fund security. Eligible categories include authentication bypass, privilege escalation, smart contract flaws, and data exposure. Contact security@ironbrand.io for our security policy and scope.
Ironbrand is actively pursuing SOC 2 Type II certification, which validates our security controls across five trust service criteria: security, availability, processing integrity, confidentiality, and privacy. Our compliance program is overseen by an independent auditing firm, and we expect to achieve certification in 2025. Status: In Progress
All code undergoes mandatory peer review, automated static analysis (SAST), and dependency vulnerability scanning before deployment. We follow OWASP Top 10 guidelines, use parameterized queries to prevent injection attacks, implement Content Security Policy headers, and maintain a formal incident response plan with defined escalation procedures.
| Measure | Status |
|---|---|
| Cold Storage Custody (95%+) | Active |
| AES-256 Encryption at Rest | Active |
| TLS 1.3 + HSTS | Active |
| Multi-Signature Wallets | Active |
| 2FA / Hardware Key Support | Active |
| DDoS Mitigation | Active |
| Bug Bounty Program | Active |
| Quarterly Penetration Testing | Active |
| Insurance Reserve Fund | Active |
| SOC 2 Type II Certification | In Progress |
Found a security issue? We appreciate responsible disclosure and reward valid reports through our bug bounty program.
Contact Security Team