Security Overview

Docka implements defense-in-depth security across all layers of the platform.

Security Layers

Authentication - JWT tokens, OAuth 2.0, Two-Factor Authentication (TOTP + Email), encrypted backup codes
Authorization - Role-based access control, multi-tenant isolation, resource ownership verification
Encryption - AES-256-GCM at rest, TLS 1.2+ in transit, Ed25519 SSH keys
Input Protection - Parameterized SQL queries, HTML sanitization, Content Security Policy
Rate Limiting - Per-IP rate limiting, OTP throttling, request size limits

Compliance

OWASP Top 10 - Mitigations for all common vulnerabilities
GDPR - EU data protection compliance
SOC 2 - Security controls (in progress)