Our actions show how seriously we take security
Overview
Our team has a history of working with extremely sensitive data, has in-depth security knowledge, and has built extremely secure systems. We've used all of this expertise to design and build AnalyticsVerse as a robust and secure service. Our security program covers all fronts: processes, people, and application security.
The AnalyticsVerse service is distributed across multiple AWS data centers to ensure high availability and quick restoration in case of failures.
Highest security standards
Audits and Certifications
As part of our security program, AnalyticsVerse frequently goes through internal and external audits. AnalyticsVerse also commits itself to ensuring high application security by undergoing regular third-party VAPT (vulnerability assessment and penetration testing). We are also an ISO 27001 certified organization and have all our security policies and processes in place, in line with the gold standard in information security. View our certificate here.
All data at rest and in motion is encrypted
Data Encryption
All data that is stored and processed within AnalyticsVerse is encrypted at rest and in motion. AnalyticsVerse employs AWS best practices to ensure the database is secured, is only accessible within the VPC, and has strict firewall settings in place. State-of-the-art cryptographic algorithms are used to ensure the safety of your data.
Temporary access to your .git folder
Secure data handling and Destruction
AnalyticsVerse pulls the metadata of your repositories (.git folder) into a safe, per-tenant containerized environment. Once the processing is done, the data is deleted and the infrastructure used for the computation is also destroyed. AnalyticsVerse never stores your code in our ecosystem; however, we do store the analytics derived from it to provide the solution via our platform.
Read-only token stored securely with zero human access
Access tokens and Employee access points
We understand the importance of access tokens and the value that random string holds, so we never store them in any plaintext form in our database. We make use of AWS services specially designed to store secure tokens in a special, hardened environment. All tokens are under the user's control and can be revoked at any point in time.
No one within AnalyticsVerse has access to your codebase. However, we will grant our employees access to our production environments on a need-to-know basis to ensure a functional and correct platform.
Secured using OAuth 2.0 protocol and RBAC across the platform
User Authentication and Authorization
To enhance the security posture of our services, AnalyticsVerse makes use of a third-party identity provider to manage authentication. We make use of the OAuth 2.0 protocol to ensure only authenticated users have access to our services. The AnalyticsVerse platform also provides role-based access control, meaning you can add users with different roles and permissions on the platform and we will manage the authorization. You can also create your own roles and define the access level that a user can have on our platform.
"A grade" security headers with frequent checks using tools like OWASP ZAP suite
Use of Security headers and Open source tools
All requests from the Internet to AnalyticsVerse servers are encrypted using SSL. To protect AnalyticsVerse services from various attacks, we make use of security headers. You can check out our current grade here. AnalyticsVerse development practices also involve timely use of open source tools like the OWASP ZAP suite to simulate attacks and find vulnerabilities within our applications.
All payment information processed and stored by Stripe
Payment Information
We use the third-party service Stripe for processing and storing payment information. From a security point of view, Stripe is responsible for storing and securing payment-related information on AnalyticsVerse. Stripe is a PCI Level 1 Service Provider, which is responsible for storing payment information. Stripe is also SOC 2 Type 2, SOC 2 Type 1, SOC 1 Type 1, and SOC 1 Type 1 certified.