Tiquo
Advantages of TiquoPlatform OverviewOrganization SettingsAccount SetupAppearance SettingsSubscription & FeesWhat is a Sublocation?Import Your DataCustom Domains
BookingsEnquiriesOrdersOrder ItemsProductsAnalyticsCRMIntegrationsLocationsMarketingMobile AppsOperationsPaymentsTeam
Devices OverviewWeb ApplicationiOS AppAndroid AppPDQ TerminalsAccessories
API IntroductionAuthenticationAdmin APIClient APICustomer AuthenticationTracking Pixel
Security & Compliance OverviewInfrastructure & Platform SecurityIdentity & Access ManagementPayments SecurityThreat Detection & MonitoringData Protection & Compliance
Security & Compliance

Threat Detection & Monitoring

How Tiquo detects, prevents, and responds to security threats

Threat Detection & Monitoring

Tiquo employs a comprehensive, multi-layered approach to identifying and mitigating threats before they can impact your business.

Threat Protection

DDoS Protection

Tiquo protects the platform against L3, L4, and L7 DDoS attacks to ensure stable and resilient availability.

LayerAttack Types Protected
Layer 3 (Network)ICMP floods, IP fragmentation
Layer 4 (Transport)SYN floods, UDP floods
Layer 7 (Application)HTTP floods, slowloris, API abuse

Intelligent Firewall

Our firewall analyses hundreds of signals and behavioural patterns to fingerprint requests:

Request Analysis

Deep inspection of request patterns and payloads

Behavioural Patterns

Track normal vs anomalous traffic patterns

Automatic Challenges

Challenge suspicious traffic before blocking

Real-Time Blocking

Instantly block confirmed malicious traffic

Bot Protection

Our bot protection ruleset filters out automated threats while still allowing legitimate bot traffic:

Traffic TypeHandling
Known Good BotsAllowed (search engines, monitoring)
Suspicious BotsChallenged
Malicious BotsBlocked
Credential StuffingBlocked + rate limited

Brute-Force Protection

Staff accounts are safeguarded from brute-force attacks through:

  • Smart lockouts — Temporary account locks after failed attempts
  • Enforced cooldown periods — Progressive delays between attempts
  • IP-based rate limiting — Prevent distributed attacks

Invisible CAPTCHA

We use invisible CAPTCHAs that:

  • Continuously analyse user behaviour
  • Assign risk scores in real-time
  • Block abusive traffic without interrupting real users
  • Require no user interaction for legitimate traffic

Our approach ensures security without degrading user experience.

Proactive Testing & Continuous Monitoring

Penetration Testing

We conduct automated and manual penetration testing across all systems:

ScopeFrequency
Public-Facing SystemsContinuous + periodic deep testing
Internal SystemsPeriodic testing
API EndpointsContinuous automated testing
Authentication FlowsRegular security assessments

Security Lifecycle

Our comprehensive security lifecycle includes:

Monitoring & Detection

24/7 Monitoring

Round-the-clock monitoring of all systems and services

Anomaly Detection

ML-powered detection of unusual patterns and behaviours

Centralised Logging

All events logged and analysed for security insights

Alerting

Immediate alerts for security-relevant events

Incident Response

Response Process

In the event of a security incident, Tiquo follows a structured response process:

  1. Detection — Automated systems detect potential incidents
  2. Triage — Security team assesses severity and impact
  3. Containment — Immediate actions to limit damage
  4. Investigation — Root cause analysis and evidence collection
  5. Remediation — Fix vulnerabilities and restore services
  6. Communication — Notify affected parties as required
  7. Review — Post-incident review and lessons learned

Communication

We commit to transparent communication with customers in the event of any security incident that may affect their data, in accordance with regulatory requirements.

Continuous Improvement

Our security program is continuously evolving:

ActivityPurpose
Regular AuditsThird-party validation of security controls
Lessons LearnedIncorporate findings from incidents and tests
Industry MonitoringTrack emerging threats and best practices
Framework UpdatesStay current with security standards

This continuous testing framework allows us to detect issues early, maintain strong security hygiene, and uphold the trust of our users.

Summary

CapabilityImplementation
DDoS ProtectionL3/L4/L7 mitigation
Bot ProtectionIntelligent filtering with invisible CAPTCHA
Brute-Force ProtectionSmart lockouts and rate limiting
Penetration TestingAutomated and manual testing
Vulnerability ManagementContinuous scanning and remediation
Monitoring24/7 with anomaly detection
Incident ResponseStructured process with communication plan

Payments Security

PCI DSS compliance, fraud prevention, and secure payment processing

Data Protection & Compliance

How Tiquo encrypts, stores, and protects your data

Sur cette page

Threat Detection & MonitoringThreat ProtectionDDoS ProtectionIntelligent FirewallBot ProtectionBrute-Force ProtectionInvisible CAPTCHAProactive Testing & Continuous MonitoringPenetration TestingSecurity LifecycleMonitoring & DetectionIncident ResponseResponse ProcessCommunicationContinuous ImprovementSummary