Skip links

STRONG! SAFE! SECURE – A SHIELD FOR YOUR CONFIDENCE!

Stackyon is serious about protecting your valuable business assets – your applications and your data. We have implemented and continue to improve upon and fine-tune the security features and protocols of our platform. Rest confident in the measures we have put security features and protocols of our platform. Rest confident in the measures we have put in place for authentication, encryption and authorization. We adhere to the strictest security and privacy standards to ensure that you are able to interact and transact in a secure manner with absolute confidence.

USER AUTHORIZATION

Stackyon provides the ability to set and control access permissions at a granular level using Role Based Access Controls and Multi-Factor Authentication, for both application access and data access and management. We ensure that access is provided based on the roles and responsibilities of every single employee in your organization. In addition, the granular approach we have taken towards security ensures we are able to obfuscate and mask data at a field and object level to ensure that important information is available only on a need-to-know basis, thus limiting any possibilities for compromised data.

USER AUTHORIZATION

Stackyon provides the ability to set and control access permissions at a granular level using Role Based Access Controls and Multi-Factor Authentication, for both application access and data access and management. We ensure that access is provided based on the roles and responsibilities of every single employee in your organization. In addition, the granular approach we have taken towards security ensures we are able to obfuscate and mask data at a field and object level to ensure that important information is available only on a need-to-know basis, thus limiting any possibilities for compromised data.

APPLICATION VULNERABILITY TESTING

We undertake comprehensive Dynamic Application Security Testing (DAST). This combines automated web application scanning to detect OWASP Top 10 and malwares along with validation for comprehensive analysis of business logic flaws and other complex vulnerabilities. With daily or on-demand auditing, this helps protect Stackyon from defacement and blacklisting. Our team of in-house and external experts also carry out periodic manual penetration checks. In addition, the automated scanning tools ensure ongoing addition and detection of zero-day vulnerabilities as they get uncovered.

APPLICATION VULNERABILITY TESTING

We undertake comprehensive Dynamic Application Security Testing (DAST). This combines automated web application scanning to detect OWASP Top 10 and malwares along with validation for comprehensive analysis of business logic flaws and other complex vulnerabilities. With daily or on-demand auditing, this helps protect Stackyon from defacement and blacklisting. Our team of in-house and external experts also carry out periodic manual penetration checks. In addition, the automated scanning tools ensure ongoing addition and detection of zero-day vulnerabilities as they get uncovered.

END-TO-END ENCRYPTION

All transactions within Stackyon platform are encrypted end-to-end. All incoming requests from external sources are validated against the firewall settings, user authentication and authorization policies to confirm that the data is valid and in-line with our security policies. From a Data Encryption perspective, we store all sensitive information like datasource connection settings conforming to our security policies. Passwords are always encrypted using AES 256 encryption. Transactions with databases are SSL encrypted. User authentication is permitted only from known cloud servers to make sure that relevant databases are impossible to access from the external environment.

END-TO-END ENCRYPTION

All transactions within Stackyon platform are encrypted end-to-end. All incoming requests from external sources are validated against the firewall settings, user authentication and authorization policies to confirm that the data is valid and in-line with our security policies. From a Data Encryption perspective, we store all sensitive information like datasource connection settings conforming to our security policies. Passwords are always encrypted using AES 256 encryption. Transactions with databases are SSL encrypted. User authentication is permitted only from known cloud servers to make sure that relevant databases are impossible to access from the external environment.

INFRASTRUCTURE SECURITY

Firewall protected –  Stackyon public cloud or shared cloud applications are secured behind the Amazon firewall to make sure no unauthorized access has been granted. All network traffic is monitored for identifying suspect requests which are added to our blocked network addresses after initial scrutiny.

Stackyon’s centralized message processing broker services validate all incoming messages for User’s identity for authentication and authorization and they are encrypted for security while in-transit and at rest.

All our sub-domains and applications that are built and deployed on Stackyon are protected through X509 certificates. All applications that run on stackyon.com domain are protected for domain validity.

As a part of our security policies and practices, we also separate our Sandbox environments from our Production environment. All pre-production environments run on separate VPC’s (Virtual Private Clouds). We also provide more granular restrictions on component access on our VPC’s.

INFRASTRUCTURE SECURITY

Firewall protected –  Stackyon public cloud or shared cloud applications are secured behind the Amazon firewall to make sure no unauthorized access has been granted. All network traffic is monitored for identifying suspect requests which are added to our blocked network addresses after initial scrutiny.

Stackyon’s centralized message processing broker services validate all incoming messages for User’s identity for authentication and authorization and they are encrypted for security while in-transit and at rest.

All our sub-domains and applications that are built and deployed on Stackyon are protected through X509 certificates. All applications that run on stackyon.com domain are protected for domain validity.

As a part of our security policies and practices, we also separate our Sandbox environments from our Production environment. All pre-production environments run on separate VPC’s (Virtual Private Clouds). We also provide more granular restrictions on component access on our VPC’s.

REGULAR SECURITY PATCHES

Stackyon releases regular security application and network patches to make sure that servers or application components are safe and secure. We ensure this does not impact production time and is done as a part of regular maintenance check. Our well documented procedures and policies lay down specific guidelines for detecting and addressing vulnerabilities after every major (or minor) version release.

ISO CERTIFIED CYBER SECURITY

Stackyon follows ISO/IEC 27001 standards for protecting the platform and all its components from various types of attacks and regular audits are in place to check for compliance. All Annex A controls are covered as a part of the scope. ISO / IEC 27001 is a key international standard for security management that specifies security management best practices and comprehensive security controls.

Achieve Hyperautomation with
Stackyon Enterprise Application Hub

Stackyon can effortlessly solve complex problems in:

Workflow Orchestration

Business Process Automation

Build New Applications

Customize Existing Applications

Modernize Legacy Applications

Integrate Disparate Systems

Rationalize Application Landscape

Request Demo

Achieve Hyperautomation with Stackyon Enterprise Application Hub

Stackyon can effortlessly solve complex problems in:

Workflow Orchestration

Business Process Automation

Build New Applications

Customize Existing Applications

Modernize Legacy Applications

Integrate Disparate Systems

Rationalize Application Landscape

Request Demo