Security practices

Security affects everything we do at Axle. We are SOC 2 Type 2 certified and we:
  • Force HTTPS on all connections, so data in-transit is encrypted with TLS 1.2.
  • Encrypt all database data at-rest with AES-256.
  • Host all servers in the US, in data centers that are SOC 1, SOC 2 and ISO 27001 certified. Our data centers have round-the-clock security, fully redundant power systems, two-factor authentication and physical audit logs.
  • Regularly conduct external penetration tests from third-party vendors.
  • Regularly conduct security awareness training sessions with all employees.
  • Maintain detailed audit logs of all internal systems.

Reporting security bugs or concerns

Please contact Axle’s security team, via email at security[at]axle.insure. We welcome reports from end users, security researchers, and anyone else!