Security Reports

If you discover a potential vulnerability in Intercom Booster (by Latenode), please let us know right away: security@latenode.com.

Abuse Reports

Suspect unlawful use or Terms‑of‑Use violations? Send details to security@latenode.com — we’ll investigate promptly.

Hosting & Infrastructure

Our services run on AWS in us‑east‑1. All compute and storage are inside AWS’s secure, compliance‑certified data centers. We augment AWS security with MFA, private VPCs, and strict network controls.

Intrusion Protection

We employ Cloudflare WAF + real‑time alerts to guard against DDoS, bot attacks, and other threats. Our incident response plan ensures swift remediation.

OAuth & API Keys

• ✅ We prefer OAuth—short‑lived tokens, revocable at any time.
• ✅ If you supply an API key, restrict its scopes to only what’s needed.
• ✅ All grants, keys, and env vars are encrypted at rest with AWS KMS (256‑bit AES‑GCM).

Data in Transit & TLS

Every request to our web apps is TLS‑encrypted. We use Cloudflare SSL Manager for certificate issuance and auto‑renewal—no private keys handled in‑house.

Data at Rest Encryption

Your data—lead profiles, enriched records, OAuth tokens—is encrypted at rest using AWS KMS keys managed by Latenode. Backups are also encrypted.

Development & Deployment

All production code lives in GitLab with enforced MFA + VPN access. Only authorized Latenode engineers may deploy; every release is tested and monitored.

Vulnerability Management

We continuously scan our codebase and infrastructure for known vulnerabilities and patch critical issues without delay.

Payment Processing

Subscriptions are handled via Stripe. Intercom Booster never stores your payment details—Stripe’s PCI‑Level 1 certification does.