This section highlights some of the primary threats developers and users may encounter along with recommended strategies to mitigate these risks. It’s important to recognize that this is not exhaustive; rather, it aims to outline key areas and proactive steps to bolster security.
Dynamic mitigates XSS attacks by utilizing Content Security Policies (CSPs) and iFrames, preventing unauthorized scripts from accessing wallet shares or modifying user sessions.
Phishing and social engineering are the most common threats in software and financial applications. While no single solution can fully prevent these attacks, Dynamic employs multiple strategies:
Dynamic uses automated tools for continuous monitoring and scanning of third-party packages for vulnerabilities and enforces integrity checks on all external dependencies. Additionally, for Dynamic powered Embedded Wallets, Trusted Execution Environments (TEE) are used to further ensure security and controls around sensitive user data. All secure enclave deployments are attested to guarantee integrity of the software running and ensure that only authorized code runs within our infrastructure. Multi-person reviews with scanned, signed, and verified artifacts are strictly enforced to prevent tampering in the software supply chain.
Dynamic enforces rate limiting on authentication attempts and supports additional measures like hCAPTCHA and domain blocking. We have active monitoring on all endpoints and projects to alert us if we see increases above the norm.
Dynamic strictly enforces TLS/SSL encryption for all network traffic to prevent any unauthorized access to data in transit to or from Dynamics servers. CORS origin is a requirement for any web application using Dynamic.
For Dynamic powered Embedded wallets, we implement session key chaining, which requires a properly registered session key on sensitive authenticated requests. Dynamic powered Embedded wallets with TSS-MPC includes using a secure relay mechanism to apply an additional layer of encryption between parties involved in MPC ceremonies. This prevents unauthorized interception of key share material between devices and Dynamic servers.
This section highlights some of the primary threats developers and users may encounter along with recommended strategies to mitigate these risks. It’s important to recognize that this is not exhaustive; rather, it aims to outline key areas and proactive steps to bolster security.
Dynamic mitigates XSS attacks by utilizing Content Security Policies (CSPs) and iFrames, preventing unauthorized scripts from accessing wallet shares or modifying user sessions.
Phishing and social engineering are the most common threats in software and financial applications. While no single solution can fully prevent these attacks, Dynamic employs multiple strategies:
Dynamic uses automated tools for continuous monitoring and scanning of third-party packages for vulnerabilities and enforces integrity checks on all external dependencies. Additionally, for Dynamic powered Embedded Wallets, Trusted Execution Environments (TEE) are used to further ensure security and controls around sensitive user data. All secure enclave deployments are attested to guarantee integrity of the software running and ensure that only authorized code runs within our infrastructure. Multi-person reviews with scanned, signed, and verified artifacts are strictly enforced to prevent tampering in the software supply chain.
Dynamic enforces rate limiting on authentication attempts and supports additional measures like hCAPTCHA and domain blocking. We have active monitoring on all endpoints and projects to alert us if we see increases above the norm.
Dynamic strictly enforces TLS/SSL encryption for all network traffic to prevent any unauthorized access to data in transit to or from Dynamics servers. CORS origin is a requirement for any web application using Dynamic.
For Dynamic powered Embedded wallets, we implement session key chaining, which requires a properly registered session key on sensitive authenticated requests. Dynamic powered Embedded wallets with TSS-MPC includes using a secure relay mechanism to apply an additional layer of encryption between parties involved in MPC ceremonies. This prevents unauthorized interception of key share material between devices and Dynamic servers.