Integration Protection

Exponea offers the following protections for integrations in our core security:

  • Static IPs
  • TLS/HTTPs API
  • SSH

Static IPs

Included on all types of instances

In order to set up a firewall for a specific IP address of an Exponea server, it is necessary to enable Static IPs for the particular import or webhook.

TLS/HTTPs API

Included on all types of instances

The Exponea app utilizes TLS, in communication within the app and web tracking. TLS is a security protocol designed to facilitate privacy and data security for communications over the Internet.

HTTPS uses SSL/TLS to encrypt normal HTTP requests and responses, making data movement safer and more secure. Data is encrypted in transit in both directions: going to and coming from the origin server and a website that uses HTTPS has https:// at the beginning of its URL instead of http://.

It is beneficial to use HTTPS as it is more trustworthy for users as it guarantees that a website server name is authentic. As a result:

  • Attackers cannot steal or phish data.
  • The user’s usernames and passwords can't be stolen in transit when users enter them into a form.

Certificates

Included on all types of instances

We also use an SSL certificate which verifies that a client is talking to the correct server that actually owns the domain, for tracking and logging into the Exponea app. An SSL certificate is a data file hosted on a website's origin server, containing the website's public key and identity.

This feature is beneficial for your security as devices attempting to communicate with the origin server can verify the server’s identity. In private instances, SSL is also available with your own SAN certificate.

Exponea finally uses the certification authority Let’s Encrypt, to issue certificates as a default option. We also provide an option to use a custom certificate authority.

SSH

Included on all types of instances

SSH tunnel provides protection for the data you transmit via the Internet and import into the Exponea application. It is much more secure to expose the SSH tunnel as the only gateway to your network than leaving your databases and ports open to the internet.

VPN

Private/Exclusive Instance required

For clients who have stricter security requirements will also offer integration protection through our VPN.

Our Site-to-site VPN protects the logins to the Exponea Application, preventing unauthorized access to private instances.

IPsec or Internet protocol security is a protocol suite that encrypts the entire IP traffic before the packets are transferred from the source to the destination. It is capable and responsible for authenticating the identities of the two nodes before the actual communication takes place between them.

Updated 2 months ago

Integration Protection


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.