Security Overview
Docka implements defense-in-depth security across all layers of the platform.
Security Layers
- Authentication: JWT tokens, OAuth 2.0, two-factor authentication (TOTP and email), encrypted backup codes
- Authorization: role-based access control, multi-tenant isolation, resource ownership verification
- Encryption: AES-256-GCM at rest, TLS 1.2+ in transit, Ed25519 SSH keys
- Input Protection: parameterized SQL queries, HTML sanitization, Content Security Policy
- Rate Limiting: per-IP rate limiting, OTP throttling, request size limits
Compliance
- OWASP Top 10 - Mitigations for each of the OWASP Top 10 vulnerability categories
- GDPR - EU data protection compliance
- SOC 2 - Security controls (in progress)