Technical Security
Overview
π
- Secure
- Protect
- Control
- Secure Dev
- Bug Bounty Program
- Regular Pentest
Secure - secured by default
π
- Secure Code
- Data Center Redundancy
- Network Redundancy
- Power-Supply Redundancy
Protect - protected by default
π
- Instances and Security Groups are closed by default
- Databases fully encrypted and filtered by default
- Secured Access Control Lists on all storage buckets
- Included DDOS Protection of the network
Control - fine-grained access control
π
- Role-Based Access Control to Exoscale organizations
- Two-Factor Authentication supported
- Optional SSO configuration
- Full IAM for all API calls
- Audit Trail for all events
Secure Dev - world-class engineering
π
- Code Review
- Change Management
- Secure Development Practices
Bug Bounty Program - crowdfunded security
π
- Competitive Bounties
- 300 active Researchers taking part in the program
- Bugcrowd a crowdsourced security platform. It is one of the internetβs largest bug bounty and vulnerability disclosure companies.
Regular Pentest - timeboxed assessments
π
- Annual Pentest
- Performed by Third Parties
- Full Product Coverage
