Brassica is a part of BitGo
pointer

      CONTACT SALES
      • PLATFORM
      • USE CASES
      • ABOUT
      • RESOURCES

      People and infrastructure you can trust

      We deploy best-in-class practices and tools to maintain security on all levels.

      People and infrastructure you can trust
      COMPANY

      Security with Brassica

      Authentication and authorization

      Brassica maintains strict role-based access control across all our internal and external systems. Access to all critical services requires SSO or multi-factor authentication where available.

      External audits

      An annual independent audit of policies and procedures is conducted at Brassica. This includes reviewing the Information Security Policy, Third-Party Risk Management Policy, Business Continuity Policy, Incident Response Policy, and data privacy practices.

      Vulnerability & Risk Management

      Brassica continuously performs internal vulnerability scans to identify and remediate potential system vulnerabilities. Regular risk assessments are conducted to ensure a comprehensive understanding of security, availability, and privacy risks in products and services.

      Vendor Management Risk management

      Brassica implements third-party management policies and procedures to protect assets and data accessible by vendors, ensuring information security and service delivery standards are met.

      Background checks

      Brassica conducts background checks on all applicants selected for full-time employment.

      Training

      All Brassica employees are required to complete annual security training.

      Policy Checklist Data and Privacy Incident Response Business Policy Data Security
      INFRASTRUCTURE

      Infrastructure security

      Privacy

      Brassica is committed to compliance with all applicable financial and data privacy laws.

      External audits

      Brassica conducts an annual external independent audit — penetration testing, vulnerability scans, and information security.

      Audit logs

      Brassica collects audit trails, covering every write operation in Brassica’s ecosystem.

      Data encryption

      Brassica encrypts all data, with the strongest encryption available with at least the standards of (AES-256-GCM) and (TLS 1.2).

      Hosting and Segmentation

      Brassica’s uses a Tier 1 Cloud Provider to host fully segregated sandbox and production environments.

      Network

      Brassica uses ACLs and Web Application Firewalls amongst other network security tools to audit and detect abnormal behavior.

      End-to-End Encryption Running security check ... Scheduled 1 min ago 17 mins ago 53 mins ago Success Success Success Success Success Scheduled Scheduled Completed Completed Completed Completed Completed
      PRODUCT

      Product security

      API token scopes

      Customer tokens restrict API resources to only what is enabled for a specific customer, and limit token exposure to individual customers. API tokens are set to automatically expire in one year. Brassica lets you customize expiration dates to enforce stricter security policies in your organization.

      Client Login

      They include built-in Two Factor Authentication (OTP) and customizable expiry that your systems can rely on. Brassica helps you track and log your account and organizational access.

      Roles and permissions

      The Brassica dashboard includes built-in roles and permissions for your team members. This ensures that access to information on a need-to-know basis only.

      Roles & Permissions Read Write Cards Statements Accounts Transactions Authorizations Payments Customers Webhooks Customer Tags Cards Sensitive
      AVAILABILITY

      Availability

      Redundancy

      Brassica ensures high availability, improving recovery times and providing access to second availability zones.

      Backups

      We backup all production data and all backups are geo-replicate backups within the same judicial data boundary.

      Monitoring

      We continuously monitor the platform and post real-time updates to our public status page.

      Business continuity

      We have a comprehensive business continuity plan that we activate put into action when facing disruptions. To ensure its effectiveness, we conduct annual tests. This rigorous testing process enables us to fine-tune the plan, allowing us to handle any unforeseen circumstances with confidence.

      System Operations Past Incidents Dashboard Updated 3 hours ago Updated 1 hour ago Updated 2 minutes ago API 0 Sandbox No incidents Recorded
      REPORTS

      Reporting a potential security concern

      Brassica encourages everyone to follow responsible disclosure procedures when reporting security issues that surround our products, services, websites, or infrastructure. We are committed to engaging with anyone reporting security vulnerabilities in a positive, professional, mutually beneficial manner that protects our customers.

      To report a security bug, please contact us at:
      security@brassicafin.com
      Background image for footer
      JOIN THE #brassica FAMILY

      Bring financial features to life and start building — today

      CHAT WITH AN EXPERT
      Background image for footer

      Disclaimer: Distributions and tax reporting capabilities are under development are not currently available. Digital asset services are not currently available and remain subject to regulatory approval.

      Information provided on this website is for informational purposes only and should not be relied upon as advice, whether legal, regulatory, indicating suitability, or otherwise.

      “Brassica” refers to entities that are offered through the wholly-owned subsidiaries of Brassica Technologies Inc., a Delaware Corporation.
      Brassica Services LLC is an SEC-registered transfer agent established in Texas.
      Brassica Trust Company LLC is a Wyoming-chartered public trust.
      The information on this website is for informational purposes only. Brassica seeks to make this site as accurate as possible and any information or opinions contained herein have been produced or reproduced by Brassica based on information obtained from sources believed to be reliable, but which has not in all cases been independently verified. Brassica, and its members, managers, officers, affiliates, employees, and the like, make no guarantees, representations, or warranties as to the accuracy and completeness of the information contained herein. Brassica is not providing any investment, tax, or legal advice, and any person seeking such advice should confer with their own independent advisors, tax professionals, and legal counsel.

      Unless specifically stated otherwise, nothing on this website constitutes an offer to purchase or sell any security or investment product, nor does it constitute professional advice. For the avoidance of doubt, any product and service mentioned in this website are not offered to any person or entity in any jurisdiction or country where the advertisement, offer, solicitation, provision, or sale of such product and service is restricted or prohibited by law or regulation, or where Brassica or any of its affiliates would be subject to any regulation or licensing requirement.

      References on the website to any names, marks, products or services of third parties or hypertext links to third party sites or information do not constitute or imply an endorsement, sponsorship, or recommendation of the third party, information, product or service by Brassica. Brassica does not endorse or make any warranties or representations about any site you may access through the website. Any links to other sites are provided for convenience only. If you access any third-party website through the website or otherwise, you do so at your own risk.

      © 2024 Brassica Technologies Inc.