Security

A Safer Identity

探花大神 creates a safer identity for our customers. Our customers trust us with some of their most confidential secrets and we reciprocate that trust by putting security first. We understand we鈥檙e asking you to trust us, and we want to make sure you鈥檙e comfortable with our security practices, so that you know your identity is well-protected.

Independent Assessments and Audits

探花大神鈥檚 environments and products are continuously scanned for vulnerabilities. We conduct external penetration tests performed at least annually. The results of these scans and tests are integrated into our development workflow to be addressed based on criticality, and our vulnerability management policy.

探花大神 has completed a SOC 2 Type 2 examination and achieved ISO 27001 certification for the open directory platform. You can request to view the results of this examination by emailing [email protected]. Signing a nondisclosure agreement is required to receive access to the full report.

Secure by Design Development

探花大神 uses static (SAST) and dynamic analysis tools (DAST) to improve the security of our development process in the build pipeline. We also evaluate source code, dependencies and combine this with analysis of both exploitability trends as well as simple versioning as a function of our SSDLC. We institute change controls across our production environments and security controls as best practice to continuously improve our capability-maturity model.

Vulnerability Disclosure

探花大神 maintains a Vulnerability Disclosure Program to enable security researchers to securely report vulnerabilities they may have found.

Transmission Encryption

As a cloud-based service, 探花大神 securely transmits data over public networks using industry best practices encryption. This includes data transmitted between 探花大神 agents and our public endpoints. Across our broad array of authentication protocols, including LDAP, RADIUS, SAML, and our agent-based binding for computers and servers, we support the latest recommended secure cipher suites to encrypt all traffic in transit, using TLS 1.2 and above.

At-rest Encryption

All databases are safeguarded with encryption to prevent data access by unauthorized parties, and all applications that contain sensitive data are additionally protected with encryption using industry best practices ciphers and key lengths for all data at rest.

Access Controls

Users are access controlled with multi-factor authentication and use strict roles-based access controls management supporting key the principles of separation of duties, least privilege and audit.

Data Protection

Please contact 探花大神 through our Data Privacy Officer at [email protected] if you鈥檇 like us to forget/delete your data. Note that we have a process to verify the authenticity of the administrator requesting the data deletion, so we cannot delete data from requests by automated services like Deseat.me. If you are a data subject and not an administrator of the organization, please contact the administrator prior to submitting a request. Refer to the data deletion section of our GDPR page for more information.

Resiliency

探花大神 follows industry best practices to ensure that our environment is highly distributed and resilient. Our infrastructure is highly-available across cloud availability zones and covers multiple geographic regions. Each of our services are designed to be highly available, with a philosophy of degradation before disruption. Our production services are replicated among these different regions to protect the availability of 探花大神 services in the event of a location-specific disaster event.

Employment

All of 探花大神鈥檚 employees undergo background checks and are required to undergo mandatory security awareness training security awareness training upon hire, and annually thereafter.

探花大神

Use Cases

Identity Management

Access Management

Device Management

SaaS Management

Become a Partner

Partner Resources

Engage

Learn

Support