Data in Transit
Data in transit is defined as data that is actively transferring between different destinations (e.g. applications to databases or object storage) over the same network or over the internet.
In the JFrog SaaS solution, every customer’s data is encrypted in transit using HTTPS over TLS V1.2, with strong cipher suites.
Data at Rest
Data at rest is defined as data that is physically stored and hosted in any digital form (e.g. cloud storage, databases, data warehouses, or cloud backups) and not actively transferring between different destinations.
In JFrog SaaS solution, all hosted data at rest is securely stored in a database and object storage using 256-bit AES encryption.
Key Management
All our encryption keys are stored hashed and are managed in a cloud-hosted key management service, which lets us create and manage cryptographic keys and control their use across a wide range of services and in your applications. It lets us generate, use, rotate, and destroy cryptographic keys.
