Technologies and Architectures Used

BMP takes pride in using a robust set of technologies and architectures to deliver high-quality, secure services:

  • Languages: C# for backend and JavaScript for frontend.
  • Frameworks: .NET for C# applications, VueJS for user interfaces, with Dapper and Entity Framework for data access.
  • Databases: SQL Server for reliable data storage.
  • Infrastructure: Azure DevOps for CI/CD, DataDog for monitoring, and AWS for cloud hosting.

Security at BMP

Commitment to Excellence in Security

BMP prioritizes security above all else, investing substantially in technical and financial resources to ensure that our partners operate in a safe and trustworthy environment. Based in Brazil, our team employs proprietary frameworks and follows industry best practices to guarantee data and operational protection.

Global Collaboration and Recognized Practices

Our security management is strengthened by collaborations with international companies and specialists, particularly from Israel, a recognized leader in cybersecurity. This allows us to maintain a high security standard and stay ahead in protective practices and technologies.

Advanced Protection Strategies

We implement a series of strategies to ensure the integrity and security of our environments:

  • Segregated and Replicated Environments: We operate across multiple geographies to ensure redundancy and resilience.
  • Secure Development: We follow market standards such as NIST, OWASP, and ISO and utilize DEVSECOPS tools like VeraCode for SAST and DAST analyses.
  • Robust Authentication: Our systems are accessed via public and private keys following the OAuth 2 model, without password exchanges, complemented by our custom SSO configured according to client needs.
  • Encryption and Communication Security: We adopt HMAC encryption and conduct secure handshakes to protect communications between BMP and its partners.

Continuous Monitoring

To continuously verify the effectiveness of our security practices, we conduct periodic PENTESTs, both internally with our Blue and Red Teams and externally with specialized firms like NTSEC and RedBelt.

We use TRENDMICRO with each release to standardize and certify our cloud platform solutions, establishing unified threat visibility, enabling rapid detection and response, and applying advanced defense techniques to our AWS and Microsoft-based system architecture.

This section outlines our commitment and practices to maintain a secure environment, reflecting our dedication to security at all levels of our operation.

Was this page helpful?