Security and Privacy of Our EDI Converters
We take security and privacy very seriously. The architecture of our products helps with keeping them secure:
- EDI Converter runs fully on-prem, on your computers inside your network or VPC. It does not connect to any external servers outside your network.
- The converter does not use a database, and it does not store any data between calls. Once an EDI file is converted, all temporary files are deleted.
- The converter is 100% Java, the distribution does not contain any binary files.
We release new versions regularly and stay on top of known vulnerabilities in third party libraries and in Java runtime.
The API docker container always uses the latest long-term support version of Java.
We have a rigorous security scanning and testing process:
- We scan third-party dependencies/libraries for vulnerabilities
- All dependencies are updated with each release
- We perform emergency releases in case of zero-day exploits in third-party libraries
- The docker container is also scanned