The Spritz platform is built on AWS, following the best practices outlined in the AWS Well-Architected Framework , specifically regarding security. All data is encrypted in transit and at rest using AES-256, facilitated by AWS Key Management Service. Developer access to our backend is protected with MFA and secrets rotation. Backend services are built based on principles of least privilege, which limits the potential blast radius of any potential security breach. Our services run in an isolated VPC, and network ingress is protected by an authorized API Gateway.