We develop using the Security Development Lifecycle (SDL), following security assurance practices and compliance requirements. This helps us build more secure software by reducing the number and severity of vulnerabilities while reducing development cost.
Our developers are security engineers first and are trained in writing secure code as a requirement. Our test cases always include validating security controls.
We continuously update security requirements to reflect changes in functionality and the threat landscape.
We utilize threat modeling to identify security vulnerabilities, determine risk, and identify mitigations.
Our design treats security as a key feature, helping us build a solution that is secure and robust by design.
Our platform is built on a multi-cloud architecture and employs military-grade security and encryption technology to protect against potential threats. We follow these best practices:
Consistent firmware updates and security patches.
Security experts perform periodic penetration testing.
Highly resilient DNS design.
Monitoring and protection using industry standard technologies.
Securing applications is our core mission, and we employ the same principles that S4 provides to our customers.
Our software engineering leaders ensure that best practices such as OWASP, CWE, and BSIMM are followed to properly design and develop the software to meet the strictest security standards.
Security is not a destination but a process. We continuously review our technology stack and keep it up to date. We review active attack patterns and exploits in the wild to protect our environments and the customers who rely on us.
This is what we call our secret sauce: at DigitSec, we have a security culture. We think about security first in everything we do, and this hypersensitivity makes us diligent in protecting our customers.
Your code and configuration data are sandboxed so that they are protected from other tenants. The sandbox is extended to the data layer, ensuring that each customer has unique and independent data stores. Once a user authenticates, they are sandboxed in their own tenant environment.
All transfer is done over secure TLS channels. This is further reinforced by using technologies such as:
HTTP Strict Transport Security
Content Security Policy (CSP)
We provide end-to-end encryption for all network layer traffic, protecting your code and configurations in transit.
Your data is protected by encryption keys generated by pseudo-random number generators. Your encryption keys are unique to you and used to provide strong encryption at rest. We use AES-256 to provide enterprise-grade encryption.
Your code and configurations only exist during the analysis and are removed from all of our servers. Typically this is anywhere from 5-10 minutes during an analysis. Moreover, we utilize the industry-approved method of purging using random data to protect against data recovery. Non-persistent storage is an industry-leading method for reducing risk of operations.
Your data is never touched and never leaves your Salesforce environment. This, coupled with limited storage, provides comprehensive confidentiality of data.
If you require more security controls and operate in highly regulated environments, we also support on-premises installation of our solution.
We are built on a multi-cloud architecture without any platform customizations, so the compliance of these platforms is unchanged. This allows us to extend the standard compliance of these platforms, such as GDPR, PCI, HIPAA, and FedRAMP. Moreover, we comply with the ISO 27001 standard and all of its controls.