Application Level Security
Application
- System users' passwords are securely stored in the database.
- Sensitive data such as integration passwords, usernames and/or app keys is encrypted and stored in the database.
- The system web APIs contain a built-in mechanism to prevent brute force attacks.
- System access to DB includes a built-in mechanism to prevent SQL injection attacks.
- Input validation is performed throughout the system for both client and server-side access.
- Playbook/integration execution is performed by a dedicated Sandbox server with limited access credentials.
Penetration Testing
- A full penetration test is performed on both appliance and application on a periodic basis.
OS Level Security
Network Access
- All communication is performed via HTTPS.
- Network Access – Inbound & Outbound traffic is limited to only the necessary ports.
- SSL is provided with a valid, signed certificate.
- Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies.
Additional Software
- Software installed on the appliance is limited to only required applications.
- All open source software is scanned for Open Source License Compliance.
Operating System Updates
- The appliance's OS is kept up to date for every version release.
Vulnerability Scanning
- The appliance is thoroughly scanned for vulnerabilities on every release, utilizing leading Vulnerability Scanning solutions.
Access Control
- Strong user account credentials are enforced.
- Accounts are locked after exceeding maximum login attempts.
Remote Agent Infrastructure
Remote Agents
- All communication with Remote Agents is performed via Job Publisher and limited to one-way communication.
- The Job Publisher data store is encrypted with a key that is not stored locally on the server.
- All data is deleted automatically after a set time period.