AegisEdge
Trust

Security & Trust

Last updated: 9 July 2026

AegisEdge is built around defence-in-depth at the application edge. Protection layers work together and are managed from a single console.

Request WAFCommon web-exploit classes, response leak scanning
Bot & challengeBrowser checks, captcha, behaviour scoring
L7 DDoS controlsRate limits, post-pass flood detection, temp blacklist
HardeningSecurity headers, TLS hardening, cookie hardening
API ShieldMethod policy, JWT / schema validation, sensitive paths
Zero TrustIdentity-aware gating for admin and private apps

Responsible deployment

Operators should run the admin console behind VPN or Zero Trust, rotate default credentials, set AEGIS_AUTH_SECRET, configure trusted proxies correctly, firewall origins to edge IPs only, and place L3/L4 DDoS mitigation upstream.

Honest scope: AegisEdge protects at Layer 7. Volumetric L3/L4 floods require upstream provider filtering, scrubbing or anycast. Access-control flaws (IDOR/BOLA, privilege escalation) depend on origin logic — the platform provides detection, validation and Zero Trust gates, not a blanket guarantee.

Vulnerability disclosure

Report security issues to security@aegisedge.online. Add your PGP key and security.txt details here.