The Bitwarden tech stack: Built for security and scalability

Building a tech stack that’s scalable, compatible with existing applications, provides key functions, and most importantly, upholds high security standards, is a critical foundation for companies and their future needs. For software companies, this involves a combination of selecting adaptable programming languages, partnering with reliable third party technologies, and establishing developer friendly frameworks. 

Since Bitwarden started, choosing the right technology stack has helped maintain high growth and performance. The tech stack needs to meet two important demands. One, it is the backend infrastructure that enables the Bitwarden team to create great products for customers. Two, it must also meet stringent security requirements. In this article, learn how and why Bitwarden selected current technologies in use and how these adopted applications help support high performance, security, and scalability.

Bitwarden selects tools and platforms with a security-first vision across open source and commercial technologies. Millions of users and enterprises around the world trust Bitwarden to protect their online information. From server, to browser, to mobile, and desktop applications, the Bitwarden technology stack is core to everything running smoothly. Here’s an overview of the technologies in use. 

The Bitwarden codebase made an official debut in August 2016 on GitHub and is available for anyone to view and contribute to. By making the source code publicly available, Bitwarden provides absolute transparency into the software solution — a requirement for the utmost security and trust.

Visual Studio Code is one of the preferred integrated development environments (IDE) for expediting code development. Visual Studio Code helps developers deploy quickly, while remaining secure during the product development and release cycle.  

The Bitwarden cloud service is hosted on Microsoft Azure. Data is secured and managed in the Azure cloud. There is no physical infrastructure for Bitwarden to manage and maintain and all uptime, scalability, security updates, patching, and guarantees are supported by the Microsoft cloud infrastructure.

In addition to Azure for hosting Bitwarden cloud, Bitwarden offers integration with customers’ Azure Active Directory configurations. This Bitwarden and Azure data sheet explains the combined benefits of Bitwarden and Azure AD and how they help streamline employee onboarding and user management with seamless, automated provisioning.

Amazon Web Services (AWS) provides  cloud email services. With this functionality, Bitwarden is able to reliably communicate with customers. In addition to AWS, SendGrid also assists in sending emails to ensure users receive important information about their account. 

Bitwarden utilizes Cloudflare, a cloud network, as an additional measure to safeguard the application. Cloudflare helps to ensure security, functionality, and performance. It does this by blocking malicious actors, accelerating traffic, and hosting serverless code. Cloudflare also monitors web traffic for suspicious and unusual activity.

For performance monitoring and maximum application uptime, Bitwarden uses Datadog observability software. Datadog monitoring provides IT security and DevOps teams alerts to any anomalies in the application infrastructure. These alerts trigger notifications to make sure the issue at hand is proactively addressed.

Microsoft SQL Server supports a variety of transaction processing and analytics, while allowing the ability to integrate data to a multitude of services, at scale. SQL Server is compatible with .NET, making it an easy decision for Bitwarden to use as the application is built on this open source developer platform.

ASP.NET Core, a free, open source framework for building web apps and services, facilitates the role of server development by providing a cloud-enabled framework. The Microsoft SQL server database provides a well recognized approach to data handling, and also enables Bitwarden to give customers the ability to self-host. With self-hosting, users have the option to control how and where their password management solution gets deployed. Self-hosting provides autonomy for security-conscious users and specifically for enterprises gives them the ability to fit within their existing infrastructure.

Electron, an open source, cross-platform software framework compatible with JavaScript, HTML, and CSS, supports the Bitwarden desktop application, and provides consistency for the application to be deployed across Windows, MacOS and Linux.  

Another key tool in the Bitwarden tech stack is Xamarin, which enables Bitwarden to support Android and iOS apps with a common code base. With its free and open source roots and because it is built with .NET, Xamarin was a natural choice for Bitwarden to expand its multi-platform approach. After evaluating other javascript-based mobile app frameworks, Xamarin proved to be the most mature and feature-complete.

Bitwarden is proud to pursue a strategy that continues to make the digital world a more secure and collaborative environment for individuals and organizations worldwide. Partnering with companies that share the same security-first vision gives Bitwarden a competitive edge in an ever-changing technology world. 

Ready to level up your security with Bitwarden? Register today for a free Bitwarden account, or begin a 7-day free trial of our business plans to protect your team and company colleagues online.