logo alphaweighted

Security

We get it, your secret sauce is secret.

At alphaweighted we have a philosophy of provable security for your trade secrets, your algos and your processes.

This means we believe it should be easy for you to prove to yourself that your secrets are safe when using our tools.

Put another way; you shouldn't have to believe anything we say; you should be able to see it for yourself.

So how does this work in practise?

Self-hosted

You host AWTS on your own infrastructure, so all your code and all your data stays on hardware you control.

The modules are provided as Docker images; they run inside Docker containers and hence have no access to any data on your host machine.

You can use your own physical hardware, or a private cloud setup - it's up to you.

Block network access

Your data can't be exfiltrated if there's no connection to the outside world.

Use offline licensing (Premium plans only) and AWTS has no need to connect anywhere except to your data vendors and your users. So block it at the firewall.

You can do this with dedicated firewalling on your own infrastructure, and/or with Docker's networking; e.g. by assigning the container to an internal-only network and running a separate proxy/firewall container to allow inbound connections to the module's APIs, and outbound connections to the upstream vendor only.

Please contact us if you need help, support or more technical information to assist in configuring network security.

Published API specs

Per our API documentation, all AWTS API contracts are published - including the API that AWTS modules use for license validation with our servers. AWTS modules can be inspected (e.g. with grpcurl) to verify what API services they serve.

Plus...

Modular - use only what you need

For maximum flexibility and minimum exposure, just use the components you want and ignore the rest.

For example, if you get market data from Polygon.io, use our data module for that; giving you a reliable, high-performance, simple API to stream data with - and nothing else. All your algos/etc are in your own code.

Help!

Security can be complicated. As part of a Team/Institution plan we will work with your team, or your trusted 3rd party IT vendor, to help configure a provably-secure environment.