Discussing Typesense Cloud Security and SOC Certifications.
TLDR Pradyuman questioned the security practices of Typesense. Kishore Nallan explained their practices but noted the lack of external auditing. Pradyuman recommended auditing tools and Jason agreed to consider them and to discuss their system's security over a call.
Nov 27, 2021 (24 months ago)
Pradyuman
05:21 AM We'd like to use a hosted version of Typesense if possible, but we'll be indexing PII and need to have confidence that there isn't significant risk of a data breach on your end.
Kishore Nallan
05:28 AM
Kishore Nallan
05:31 AM a) Every Typesense cluster runs on isolated infrastructure so every customer's data is isolated
b) Data is encrypted at rest on disk
c) Machines have SSH disabled
d) SSO based login (Github auth)
Kishore Nallan
05:33 AM
Pradyuman
07:03 AM For us, it's more just generally being comfortable with your security practices so we can feel confident there's not a risk of a data breach. So any documentation on that front would be super great (alongside any information regarding pen test cadence / bug bounty program). I'm happy to chat through this briefly on call too if you don't have official documentation yet. As long as we're comfortable with the current state of the system and you have a path towards a more comprehensive and well documented program, that will probably be sufficient for us at the moment.
Pradyuman
07:06 AM Secureframe: https://secureframe.com/
Vanta: https://www.vanta.com/
We've used both and have gotten completed audits within 4 weeks (happy to make referrals to auditors if this is something you're interested in).
Jason
07:26 AM For now, we don’t have this documented anywhere but happy to talk you through our practices over a quick call. Will email you with my availability.