Trust

Engineered for integrity

Your trust is our foundation. Choosing a partner for onboarding and identity verification is a business-critical decision: we therefore uphold high standards of security.

Trust

Engineered for integrity

Your trust is our foundation. Choosing a partner for onboarding and identity verification is a business-critical decision: we therefore uphold high standards of security.

Trust

Engineered for integrity

Your trust is our foundation. Choosing a partner for onboarding and identity verification is a business-critical decision: we therefore uphold high standards of security.

Secure Development Lifecycle

Secure Development Lifecycle

Security is integral to our development process. In our secure software development lifecycle security reviews, automated testing, and expert audits are embedded at every stage.

Threat modeling

Risks are identified early and clear mitigation strategies are defined.

Peer reviews and scans

Every code change goes through rigorous peer review and static analysis to catch vulnerabilities before they reach production.

Dependency management

Third-party libraries and frameworks are continuously monitored for new vulnerabilities, and patches are applied promptly when necessary.

Penetration testing

Independent experts conduct regular penetration tests, and a public bug‑bounty program is maintained to encourage responsible reporting.

Threat modeling

Risks are identified early and clear mitigation strategies are defined.

Peer reviews and scans

Every code change goes through rigorous peer review and static analysis to catch vulnerabilities before they reach production.

Dependency management

Third-party libraries and frameworks are continuously monitored for new vulnerabilities, and patches are applied promptly when necessary.

Penetration testing

Independent experts conduct regular penetration tests, and a public bug‑bounty program is maintained to encourage responsible reporting.

Threat modeling

Risks are identified early and clear mitigation strategies are defined.

Peer reviews and scans

Every code change goes through rigorous peer review and static analysis to catch vulnerabilities before they reach production.

Dependency management

Third-party libraries and frameworks are continuously monitored for new vulnerabilities, and patches are applied promptly when necessary.

Penetration testing

Independent experts conduct regular penetration tests, and a public bug‑bounty program is maintained to encourage responsible reporting.

Certifications

Duna’s security program aligns with international standards and regulatory requirements.

ISO 27001

A global standard in Information Security Management System with formal risk management and continuous control improvements.

ISO 27001

A global standard in Information Security Management System with formal risk management and continuous control improvements.

ISO 27001

A global standard in Information Security Management System with formal risk management and continuous control improvements.

SOC 2

Duna has completed a Type I examination and are advancing through our Type II audit to demonstrate that our controls operate effectively over time.

SOC 2

Duna has completed a Type I examination and are advancing through our Type II audit to demonstrate that our controls operate effectively over time.

SOC 2

Duna has completed a Type I examination and are advancing through our Type II audit to demonstrate that our controls operate effectively over time.

GDPR & Privacy Laws

All data handling practices are designed to meet or exceed EU data protection regulations, with clear policies for consent, data minimization, and data‑subject rights.

GDPR & Privacy Laws

All data handling practices are designed to meet or exceed EU data protection regulations, with clear policies for consent, data minimization, and data‑subject rights.

GDPR & Privacy Laws

All data handling practices are designed to meet or exceed EU data protection regulations, with clear policies for consent, data minimization, and data‑subject rights.

Business Continuity & Reliability

Business Continuity & Reliability

Your onboarding processes are mission‑critical. Duna’s infrastructure is built to maximize uptime and rapid recovery. With event‑sourced architecture and infrastructure‑as‑code capabilities, environments can be rebuilt or event logs replayed quickly, ensuring business continuity even in the face of major disruptions.

Disaster recovery and backups

Regular, encrypted backups are maintained across multiple EU locations, along with an up‑to‑date disaster recovery plan that’s tested at least annually.

High availability

Critical services are deployed redundantly across separate data centers and network zones to prevent single points of failure.

24/7 monitoring and incident response

Automated monitoring alerts our on‑call teams instantly to any anomalies, enabling immediate investigation and remediation around the clock.

Disaster recovery and backups

Regular, encrypted backups are maintained across multiple EU locations, along with an up‑to‑date disaster recovery plan that’s tested at least annually.

High availability

Critical services are deployed redundantly across separate data centers and network zones to prevent single points of failure.

24/7 monitoring and incident response

Automated monitoring alerts our on‑call teams instantly to any anomalies, enabling immediate investigation and remediation around the clock.

Disaster recovery and backups

Regular, encrypted backups are maintained across multiple EU locations, along with an up‑to‑date disaster recovery plan that’s tested at least annually.

High availability

Critical services are deployed redundantly across separate data centers and network zones to prevent single points of failure.

24/7 monitoring and incident response

Automated monitoring alerts our on‑call teams instantly to any anomalies, enabling immediate investigation and remediation around the clock.

Duna Trust Center

Our Trust Center offers detailed insights into our security practices, including the specific controls and policies implemented by our teams. You can explore our compliance standards, request access to comprehensive security documentation, and gain a clear understanding of how we safeguard your data.

Duna Trust Center

Our Trust Center offers detailed insights into our security practices, including the specific controls and policies implemented by our teams. You can explore our compliance standards, request access to comprehensive security documentation, and gain a clear understanding of how we safeguard your data.

Duna Trust Center

Our Trust Center offers detailed insights into our security practices, including the specific controls and policies implemented by our teams. You can explore our compliance standards, request access to comprehensive security documentation, and gain a clear understanding of how we safeguard your data.