The Bitwarden tech stack: Built for security and scalability

Building a tech stack that’s scalable, compatible with existing applications, provides key functions, and most importantly, upholds high security standards, is a critical foundation for companies and their future needs. For software companies, this involves a combination of selecting adaptable programming languages, partnering with reliable third party technologies, and establishing developer friendly frameworks. 

Since Bitwarden started, choosing the right technology stack has helped maintain high growth and performance. The tech stack needs to meet two important demands. One, it is the backend infrastructure that enables the Bitwarden team to create great products for customers. Two, it must also meet stringent security requirements. In this article, learn how and why Bitwarden selected current technologies in use and how these adopted applications help support high performance, security, and scalability.

Bitwarden selects tools and platforms with a security-first vision across open source and commercial technologies. Millions of users and enterprises around the world trust Bitwarden to protect their online information. From server, to browser, to mobile, and desktop applications, the Bitwarden technology stack is core to everything running smoothly. Here’s an overview of the technologies in use. 

The Bitwarden codebase made an official debut in August 2016 on GitHub and is available for anyone to view and contribute to. By making the source code publicly available, Bitwarden provides absolute transparency into the software solution — a requirement for the utmost security and trust.

Visual Studio Code is one of the preferred integrated development environments (IDE) for expediting code development. Visual Studio Code helps developers deploy quickly, while remaining secure during the product development and release cycle.  

The Bitwarden cloud service is hosted on Microsoft Azure. Data is secured and managed in the Azure cloud. There is no physical infrastructure for Bitwarden to manage and maintain. By leveraging Azure's offerings such as Azure Kubernetes Service, Bitwarden is able to provide a reliable service while utilizing leading cloud native standards from CNCF.

Amazon Web Services (AWS) provides  cloud email services. With this functionality, Bitwarden is able to reliably communicate with customers. In addition to AWS, SendGrid also assists in sending emails to ensure users receive important information about their account. 

Bitwarden utilizes Cloudflare DNS to ensure performant and resilient DNS resolution. Fastly is the Bitwarden edge provider that handles edge security, routing, caching and delivery. Fastly's flexible architecture and configurations help Bitwarden iterate quickly while ensuring excellent user experience.

For performance monitoring and maximum application uptime, Bitwarden uses Datadog observability software. Datadog monitoring provides IT security and DevOps teams alerts to any anomalies in the application infrastructure. These alerts trigger notifications to make sure the issue at hand is proactively addressed.

Microsoft SQL Server supports a variety of transaction processing and analytics, while allowing the ability to integrate data to a multitude of services, at scale. SQL Server is compatible with .NET, making it an easy decision for Bitwarden to use as the application is built on this open source developer platform.

ASP.NET Core, a free, open source framework for building web apps and services, facilitates the role of server development by providing a cloud-enabled framework. The Microsoft SQL server database provides a well recognized approach to data handling, and also enables Bitwarden to give customers the ability to self-host. With self-hosting, users have the option to control how and where their password management solution gets deployed. Self-hosting provides autonomy for security-conscious users and specifically for enterprises gives them the ability to fit within their existing infrastructure.

Electron, an open source, cross-platform software framework compatible with JavaScript, HTML, and CSS, supports the Bitwarden desktop application, and provides consistency for the application to be deployed across Windows, MacOS and Linux.  

The Bitwarden mobile apps are developed in their on native languages for their operating systems - Swift for Apple iOS and Kotlin for Android. Using these languages improves the performance of the applications, resulting in a snappier UI, faster screen transitions, and button responses. Additionally, these applications are able to take advantage of platform-specific enhancements to security, privacy, and other integrated features in the mobile operating systems.

Bitwarden is proud to pursue a strategy that continues to make the digital world a more secure and collaborative environment for individuals and organizations worldwide. Partnering with companies that share the same security-first vision gives Bitwarden a competitive edge in an ever-changing technology world. 

Ready to level up your security with Bitwarden? Register today for a free Bitwarden account, or begin a 7-day free trial of our business plans to protect your team and company colleagues online.

Editor's note: Updated 10/2/2024 to reflect new tools and languages in the Bitwarden tech stack.