Security and Performance
Our institutional-grade trading solutions are built on a robust and mission-critical infrastructure to ensure your secure trading business.
Identity and access management
Wyden integrates Keycloak, an open-source Identity and Access Management platform managed by Red Hat. Keycloak offers features such as single-sign-on (SSO), identity brokering and social login, user federation, client adapters, an admin console, and an account management console.
- With this integration, Wyden delegates most of the security-related functionality to Keycloak
- Keycloak handles all user logins: The login functionality is highly customizable and includes features like email confirmation, password resets and 2FA (using Google Authenticator); in addition, it supports password policies and custom login flows
- Users/groups/roles can be synchronized with an LDAP or Active Directory server
- User sign-ups through Google, Facebook, LinkedIn, GitHub, etc.
- Keycloak also comes with an account management console where users can modify their profile settings, passwords and see their session data. This account management console also allows to assign owners to individual resources, e.g. an Wyden portfolio or account, which can be shared with others
- Keycloak comes with an authorization service that can be used to define fine-grained permissions on individual resources (e.g. an Wyden portfolio or an Wyden account) or resource scopes (e.g. trading a particular portfolio, sending orders for a particular account)
- All authorization capabilities are extremely flexible and support users, groups (even group hierarchies), roles (including composite roles), policies, permissions, etc.
- Authorizations therefor can be configured in a very flexible way, e.g. a trader may only be permitted to access his own portfolio, or a risk manager may be authorized to see all system information but not to place any orders, while an admin may be granted permission to assign members to his team
- Keycloak runs as a separate Docker container that can be deployed alongside Wyden
Performance and low latency
- High throughput: Wyden processes up to 500,000 market data events per second on dual CPU 2GHz Intel based hardware
- Low latency: React in real-time to changing market conditions in time frames below one millisecond
- The integrated Hazelcast cache provides an in-memory representation of reference data in the database that can be accessed without any latency
- Automated order recovery after power outages or system crashes
- Customizable notification/logging system based on log4j, including email-logging, text-message logging and portfolio value logging which informs about technical issues and trading related problems
Extensive suite of tools that allow monitoring of the entire system.
- Monitoring of market data, order, tick-to-trade, Hazelcast, or Influx metrics gives detailed insights on the performance of various Wyden sub-systems
- Monitoring of the health state of various Wyden components like adapters, data base, Hazelcast caches, and JVM. The health state of these components is also available via API
- General system metrics like memory consumption, CPU usage, JDBC connections, SQL queries, and HTTP calls
- All relevant data is persisted to the database, from where it can be used for custom reporting and querying
- Integration of MySQL for reference data and transactional data
- Integration of the InfluxDB time series database for storage of live and historical tick data