Build Secure Enterprise Applications With Low-Code

Utilize our robust tools and industry-standard protocols to build secure applications. Our security features and platform adhere to global regulations and laws.

A Shield to Protect your Data

Stackyon is serious about protecting your valuable business assets, such as your applications and data. We continue to improve our security features and protocols with resilience.

Our team has taken appropriate measures for authentication, encryption, and authorization. We adhere to the strictest security and privacy standards so that you can interact and transact securely with absolute confidence.

Read More Read less

User Authorization

Set and control access permissions at a granular level using Role Based Access Controls and Multi-Factor Authentication for application and data access and data management.

We ensure that access is provided based on the roles and responsibilities of every employee in your organization. In addition, our granular approach towards security obfuscates and masks data at a field and object level so that important information is available only on a need-to-know basis, thus limiting any possibilities for compromised data.

Read More Read less

Application Vulnerability Testing

We undertake comprehensive Dynamic Application Security Testing (DAST). DAST combines automated web application scanning for detecting OWASP Top 10 and malware with validation for comprehensive analysis of business logic flaws and other complex vulnerabilities.

Daily or on-demand auditing protects Stackyon from defacement and getting black-listed. Our in-house and external expert team also performs periodic manual penetration checks. In addition, the automated scanning tools ensure ongoing addition and detection of zero-day vulnerabilities as they get uncovered.

Read More Read less

End-to-End Encryption

All transactions within the Stackyon platform are encrypted end-to-end. The incoming requests from external sources are validated against the firewall settings, user authentication, and authorization policies to confirm the validity and policy compliance of the data.
From a Data Encryption perspective, we store all sensitive information like data source connection settings that conform to our security policies. Passwords are always encrypted using AES 256 encryption, while transactions with databases use SSL encryption. User authentication is permitted only from known cloud servers to ensure that relevant databases are impossible to access from the external environment.
Read More Read less

Infrastructure Security

Firewall protected –  Stackyon public cloud or shared cloud applications are secured behind the Amazon firewall to prevent unauthorized access. In addition, the network traffic is monitored for identifying suspicious requests.

Any such request is added to our blocked network addresses after initial scrutiny. Stackyon’s centralized message processing broker services validate all incoming messages for authentication and authorization of the user identity. In addition, they are further encrypted to ensure secure transit.

All our sub-domains and applications built and deployed on Stackyon are protected through X509 certificates. In addition, the applications that run on the domain are protected for domain validity.

As a part of our security policies and practices, our Sandbox environments are separated from our Production environments. We run the pre-production environments and implement more granular restrictions on component access on separate VPCs (Virtual Private Clouds).

Read More Read less

Regular Security Patches

Stackyon releases regular security application and network patches to ensure the safety and security of servers or application components. It is done regularly for maintenance without impacting production time. 

In addition, our well-documented procedures and policies adhere to specific guidelines for detecting and addressing vulnerabilities after every major or minor version release.

Read More Read less

ISO Certified Cyber Security

Stackyon follows ISO/IEC 27001 standards for protecting the platform and all its components from various attacks.

We also conduct regular audits to check compliance. All Annex A controls are covered as a part of the scope. ISO / IEC 27001 is an essential international standard for security management that specifies best security practices and comprehensive security controls.
Read More Read less