Platform Security
AgentDesk is built with multiple layers of security to protect your data and your users.
Rate limiting
To prevent abuse, AgentDesk limits how many requests can be made in a given time period. Login attempts are especially restricted to protect against brute-force attacks.
Input validation
All data submitted through forms and the portal interface is validated before processing. Invalid or unexpected data is rejected, protecting against common web security issues.
Secure connections
All communication with AgentDesk uses encrypted HTTPS connections. Security headers are applied to all responses to prevent common browser-based attacks like clickjacking and content sniffing.
Webhook verification
When AgentDesk receives updates from external services (like Jira or GitHub), it verifies the authenticity of each message using cryptographic signatures. This ensures that only legitimate updates are processed.
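As an added illustration (not AgentDesk's own code), the following sketch shows how a receiver can verify a signed webhook before processing it. The page does not say which signature scheme AgentDesk uses; the example assumes the GitHub-style scheme, where the sender puts `sha256=` plus the hex HMAC-SHA256 of the raw request body in the `X-Hub-Signature-256` header. The function names, secret and payload are constructed for the example.

```python
import hashlib
import hmac

SIG_PREFIX = "sha256="  # GitHub-style header value: "sha256=<64 hex chars>"


def sign(secret: bytes, body: bytes) -> str:
    """Header value a sender would attach to the raw body (used here for the demo)."""
    return SIG_PREFIX + hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_webhook(secret: bytes, body: bytes, header) -> bool:
    """Return True only if header carries a valid HMAC-SHA256 of the raw body.

    Fails closed: a missing secret, missing header, unknown algorithm
    prefix or malformed digest is treated as an invalid signature.
    """
    if not secret or not isinstance(header, str):
        return False
    if not header.startswith(SIG_PREFIX):
        return False
    received_hex = header[len(SIG_PREFIX):]
    if len(received_hex) != 64:  # SHA-256 digest is 32 bytes = 64 hex chars
        return False
    try:
        received = bytes.fromhex(received_hex)
    except ValueError:
        return False
    # Compute over the exact bytes received, before any JSON parsing,
    # because re-serialised JSON rarely matches the sender's bytes.
    expected = hmac.new(secret, body, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    secret = b"constructed-demo-secret"                  # constructed sample
    body = b'{"action":"opened","issue":{"number":1}}'   # constructed sample
    header = sign(secret, body)
    print("genuine :", verify_webhook(secret, body, header))
    print("tampered:", verify_webhook(secret, body + b" ", header))
    print("unsigned:", verify_webhook(secret, body, None))
```

A receiver should reject the request (for example with HTTP 401) whenever this check returns False, and do so before the payload is parsed or acted on.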
Error handling
Error messages shown to users are generic and do not reveal internal system details. This prevents potential attackers from gathering information about the system.
Regular security practices
- Passwords are hashed with industry-standard algorithms
- Sessions expire automatically after a period of inactivity
- Role-based access ensures users only see what they are authorised to see
- All credentials and secrets are encrypted at rest