Security Overview

Kimshi is hosted on AWS with applications behind Application Load Balancers (ALBs). Authentication is managed via Amazon Cognito and OIDC at the perimeter. Data in transit uses TLS and data at rest is encrypted.

• Hosting on AWS (S3, CloudFront, Cognito, ALB)
• OIDC/Cognito authentication; JWT verification
• Encryption in transit (TLS) and at rest
• Subprocessors disclosed publicly; DPA available

For a deeper technical breakdown, see the full Security & Data Protection page.