PCI Compliance

Payment Card Industry
Data Security Standards.

Key Features

Read More
Network and application security
Read More
Additional Security
Read More

Product security


We enable permission levels within the app to be set for your managers.

You can also set notifications like SMSes and emails and stop whenever you want.

You can simply add or remove agents on a single click.

Password and Credential Storage

Galactic enforces a password complexity standard and credentials are stored using a PBKDF function (bcrypt).


We have uptime of 99.9% or higher. You can check our past month stats at

Network and application security

Data Hosting and Storage

Galactic services and data are hosted in Amazon Web Services (AWS) facilities (us-west-2) in the USA.

Failover and DR

Galactic was built with disaster recovery in mind. All of our infrastructure and data are spread across 3 AWS availability zones and will continue to work should any one of those data centres fail.

Virtual Private Cloud

All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorized requests getting to our internal network.

Back Ups and Monitoring

There are backup policies for Mysql and MongoDB, Dumps are stored on S3 every 6 hours.

On an application level, we produce audit logs for all activity.

All actions taken on production consoles or in the Galactic application are logged.

Permissions and Authentication

Access to customer data is limited to authorized employees who require it for their job.

Galactic is served 100% over https. Galactic runs a zero-trust corporate network. There are no corporate resources or additional privileges from being on Galactic network.


All data sent to or from Galactic is encrypted in transit using 256 bit encryption.

Our API and application endpoints are TLS/SSL only and score an “A+” rating on Qualys SSL Labs‘ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.

Pentests, Vulnerability Scanning and Bug Bounty Program

Galactic uses third party security tools to continuously scan for vulnerabilities. Our dedicated security team responds to issues raised.

Once a quaterly we engage third-party security experts to perform detailed penetration tests on the Galactic application and infrastructure.

Galactic also runs a ‘bug bounty’ program with appsecure, which gives security researchers a platform for testing and submitting vulnerability reports.

Incident Response

Galactic implements a protocol for handling security events which includes escalation procedures, rapid mitigation and post mortem. All employees are informed of our policies.

Additional Security features


All employees complete Security and Awareness training every quarter.


Galactic has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.


All employee contracts include a confidentiality agreement.

Security questions?

If you think you may have found a security vulnerability, please get in touch with
our security team at

Learn more about Galactic by reading our Terms of Services and Privacy Policy.

Estimate your project

or contact us directly at

Thank you!

Your message has been sent.We’ll get back to you in 24 hours.

Back to page

We’ll get back to you in 24 hours

to address your needs as quick as possible.


We’ll prepare an estimation of the project

describing the team compostition,timeline and costs.

Code review

We’ll perform a free code review

if you already have an existing system or a part of it.

Our work was featured in:

Tech Crunch
Business Insider

Beware of fake,phishing and spoof emails!

We have recently become aware that somebody is sending fake,phishing and spoof emails as well as calls with the company name,and/or the work related to online data entry.We have nothing to do with such emails.For more information,read ourprivacy policy.