Stackyon is serious about protecting your valuable business assets, such as your applications and data. We continue to improve our security features and protocols with resilience.
Our team has taken appropriate measures for authentication, encryption, and authorization. We adhere to the strictest security and privacy standards so that you can interact and transact securely with absolute confidence.
Set and control access permissions at a granular level using Role Based Access Controls and Multi-Factor Authentication for application and data access and data management.
We ensure that access is provided based on the roles and responsibilities of every employee in your organization. In addition, our granular approach towards security obfuscates and masks data at a field and object level so that important information is available only on a need-to-know basis, thus limiting any possibilities for compromised data.
We undertake comprehensive Dynamic Application Security Testing (DAST). DAST combines automated web application scanning for detecting OWASP Top 10 and malware with validation for comprehensive analysis of business logic flaws and other complex vulnerabilities.
Daily or on-demand auditing protects Stackyon from defacement and getting black-listed. Our in-house and external expert team also performs periodic manual penetration checks. In addition, the automated scanning tools ensure ongoing addition and detection of zero-day vulnerabilities as they get uncovered.
Firewall protected – Stackyon public cloud or shared cloud applications are secured behind the Amazon firewall to prevent unauthorized access. In addition, the network traffic is monitored for identifying suspicious requests.
Any such request is added to our blocked network addresses after initial scrutiny. Stackyon’s centralized message processing broker services validate all incoming messages for authentication and authorization of the user identity. In addition, they are further encrypted to ensure secure transit.
All our sub-domains and applications built and deployed on Stackyon are protected through X509 certificates. In addition, the applications that run on the stackyon.com domain are protected for domain validity.
As a part of our security policies and practices, our Sandbox environments are separated from our Production environments. We run the pre-production environments and implement more granular restrictions on component access on separate VPCs (Virtual Private Clouds).
Stackyon releases regular security application and network patches to ensure the safety and security of servers or application components. It is done regularly for maintenance without impacting production time.
Stackyon follows ISO/IEC 27001 standards for protecting the platform and all its components from various attacks.