SECURITY_ARCHITECTURE

Built to
defend.

At RelayBill, security isn't a feature—it's the core of the protocol. We protect your origin from the noise of the public internet.

Zero-Trust Proxying

Every request is cryptographically verified at the edge. We drop malformed packets and unauthorized traffic before they ever touch your server infrastructure.

AES-256 Key Encryption

Your customer API keys are never stored in plain text. We use industry-standard AES-256 encryption at rest and TLS 1.3 for all data in transit.

SSRF Protection

Our relay engine automatically blacklists private IP ranges (localhost, 127.0.0.1, 192.168.x.x) to prevent Server-Side Request Forgery attacks against your internal tools.

Request Scrubbing

We follow a strict whitelist approach for headers. Sensitive client-side headers are stripped to prevent data leakage between your users and your origin.

Instant Key Rotation

Found a leak? Rotate your API keys instantly from the dashboard. New keys are generated immediately while preserving your existing balance and metadata.

INFRASTRUCTURE

Hardened edge network.

Our infrastructure is built on world-class cloud providers with multi-region failover. We utilize edge-compute environments that isolate request processing in ephemeral, sandboxed runtimes.

Isolation_Method

V8_Isolates

Enclave_Status

Verified

PROTECTION_LAYERL7_ACTIVE

WAF_ENGINEPROPRIETARY_v1.0

DDOS_MITIGATIONENFORCED

KMS_PROVIDERAWS_CLOUD_HSM

COMPLIANCE

Standardization.

SOC2 Type I (In Progress)
PCI-DSS Level 1 (Via Stripe)
GDPR & CCPA Compliant Protocols

BUG BOUNTY

Disclosure.

We value the security community. If you've discovered a vulnerability, please report it to our security team. We offer rewards for responsible disclosure of critical issues.

Report Vulnerability

STAY_SECURE

Secure origin.
Total authority.

SECURITY_ARCHITECTURE

Built to
defend.

At RelayBill, security isn't a feature—it's the core of the protocol. We protect your origin from the noise of the public internet.

Zero-Trust Proxying

Every request is cryptographically verified at the edge. We drop malformed packets and unauthorized traffic before they ever touch your server infrastructure.

AES-256 Key Encryption

Your customer API keys are never stored in plain text. We use industry-standard AES-256 encryption at rest and TLS 1.3 for all data in transit.

SSRF Protection

Our relay engine automatically blacklists private IP ranges (localhost, 127.0.0.1, 192.168.x.x) to prevent Server-Side Request Forgery attacks against your internal tools.

Request Scrubbing

We follow a strict whitelist approach for headers. Sensitive client-side headers are stripped to prevent data leakage between your users and your origin.

Instant Key Rotation

Found a leak? Rotate your API keys instantly from the dashboard. New keys are generated immediately while preserving your existing balance and metadata.

INFRASTRUCTURE

Hardened edge network.

Our infrastructure is built on world-class cloud providers with multi-region failover. We utilize edge-compute environments that isolate request processing in ephemeral, sandboxed runtimes.

Isolation_Method

V8_Isolates

Enclave_Status

Verified

PROTECTION_LAYERL7_ACTIVE

WAF_ENGINEPROPRIETARY_v1.0

DDOS_MITIGATIONENFORCED

KMS_PROVIDERAWS_CLOUD_HSM

COMPLIANCE

Standardization.

SOC2 Type I (In Progress)
PCI-DSS Level 1 (Via Stripe)
GDPR & CCPA Compliant Protocols

BUG BOUNTY

Disclosure.

We value the security community. If you've discovered a vulnerability, please report it to our security team. We offer rewards for responsible disclosure of critical issues.

Report Vulnerability

STAY_SECURE

Built to defend.

Zero-Trust Proxying

AES-256 Key Encryption

SSRF Protection

Request Scrubbing

Instant Key Rotation

Hardened edge network.

Standardization.

Disclosure.

Secure origin. Total authority.

Built to defend.

Zero-Trust Proxying

AES-256 Key Encryption

SSRF Protection

Request Scrubbing

Instant Key Rotation

Hardened edge network.

Standardization.

Disclosure.

Secure origin. Total authority.

Built to
defend.

Secure origin.
Total authority.

Built to
defend.

Secure origin.
Total authority.