eSolia Courier is built with security at its core, following international standards to protect your data.
Courier relies on Nexus for core security features including OAuth, file storage, and share management.
View Nexus SecurityAll data is encrypted in transit with TLS 1.3 and at rest. Files stored securely in Cloudflare R2.
OAuth 2.0 with PKCE authentication. Role-based permissions ensure users only access what they need.
Minimal data collection, passwordless authentication, and comprehensive audit trails.
Powered by Cloudflare's edge network with built-in DDoS protection and rate limiting.
Designed to help you meet FSA cybersecurity guidelines and ISO 27001 requirements.
Built following OWASP Top 10 guidelines with regular security audits and code review.
We address each OWASP Top 10 risk category with specific security controls:
Broken Access Control
OAuth 2.0 + PKCE, role-based access
Cryptographic Failures
TLS 1.3, R2 encryption at rest
Injection
Parameterized queries, CSP
Insecure Design
Security-first architecture
Security Misconfiguration
Secure defaults, strict headers
Vulnerable Components
Regular audits, dependency scanning
Auth Failures
Rate limiting, magic link auth
Data Integrity
Nexus HMAC signing, audit logs
Logging Failures
Comprehensive security logging
SSRF
No external requests
Want to know more about our security implementation?
Report security vulnerabilities to security@esolia.co.jp