Institutional-Grade Cybersecurity

FLUID Finance interconnected liquidity ecosystem has been designed to comply with institutional-grade cybersecurity measures. Recent history shows the disrupting and fragile nature of blockchain-based ecosystems can potentially be compromised. In 2021, almost $14Bn worth of cryptocurrencies has been lost or stolen as a direct result of a cyber-attack or security breach. Therefore, in FLUIDwe understand the significance of cybersecurity and data privacy and we are dedicated to delivering users and integrated platforms highly secured, privacy-first frictionless, and a low-latency infrastructure. Cybersecurity and data privacy controls and requirements are the core of our infrastructure from the very first day of the product development cycle.

FLUID team consists of cybersecurity veterans, innovators, and thought leaders from the most successful traditional finance companies. The team has spent more than two decades securing extremely high-profile organizations ranging from banks, governments, defense, critical infrastructure to crypto firms, protecting them against cyber-attacks, organized cyber-criminals, and advanced threat actors. FLUIDteam is leveraging prior professional experience to build safe, secure, trusted, fair, and transparent infrastructure that will meet the institutional-grade actors requirements to adopt and leverage blockchain technology.

Features

FLUID Finance has been designed from the ground up and our mission is to build institutional global liquidity with institutional-grade controls.

Some of the key features of our ecosystem:

• Zero Trust Security Architecture (ZTA)

• Secure and Privacy by Design (SPD)

• Permission-Based Connectivity and Access Controls

• Advanced Certificate mTLS Authentication Mechanisms

• Source IP Addressing Filtering and NGFW

• Risk-Based Authentication and Conditional Access

  • Multi-Factor Authentication

  • Geolocation IP Address

  • Device Fingerprint

  • Leaked / Stolen Credential Anomaly Detection

• OWASP Top 10 Protection for Web and API

• Web Application Firewalls and API Security Gateways

• TLS v1.3 Encryption and 4098-bit Encryption Key Length

• Private Key Management and Hardware Security and Encryption Module

• MPC Wallet Technology and Multi-Party Approval Process

• Tamperproof Data Protection Controls for Global Liquidity Order Book

• Data Integrity and Reentrancy Attack Prevention for Order Executions

• Secure Webhooks for Order Execution Notifications

• Institutional Internal Governance and Controls

  • Information Security Policies, Processes and Procedures

  • Cyber Risk Management Practice

  • Change Management Controls

  • Role-Based Access Controls

  • Segregation of Duties (SoD)

  • Secure Development Practice - DevSecOps and SecSDLC

  • Vulnerability and Patch Management

  • Penetration Testing and Code Reviews

  • SecOps – Network and Infrastructure Security

  • Continuous Security Intelligence and Monitoring