Exponea provides a comprehensive set of security features to ensure that your customer data remains safe. These include:
- Audit log
- Vulnerability scan
- Exponea Single Sign-On
- DDoS Protection
- SSH tunnels
- Integration Protection
- Access controls
Our Core Security features ensure endpoint security, vulnerability management, quality assurance, monitoring and incident management. Furthermore, our Enterprise features package ensures compliance with stricter regulations required for multinational brands.
At Exponea, we ensure a secure set-up. This includes two-factor authentication (2FA) through either SMS or an App Authenticator, and/or a captcha challenge-response test when signing in. We use Google Load Balancer with firewall rules to protect load-balanced resources. We also use TLS, SSH and VPN options to encrypt traffic within the Exponea application.
Webhooks and imports may use static IPs if our clients require this level of security. Finally, our application and infrastructure are monitored and logged.
We understand some of our clients require additional security. When working with sensitive data, such as banking or telecommunications sector data, we implement extra measures to increase the level of security of their data.
We, therefore, provide an additional layer of features for enterprise clients, including enhanced security and access management.
Both our core and enterprise security utilize our Private and Public APIs, which enable you to control your customers’ data.
Using our dedicated Exponea Private API, you can securely send and download data from Exponea, allowing you to fulfill Subject Access Requests required under GDPR. This API is not publicly available and works only inside your VPN environment.
We use both a Public and Private API:
- Our Public API is used for web tracking and web personalization and uses a public token.
- Our Private API uses a private token and secret.
We take care that all of our endpoint devices are protected according to our Endpoint Security Policy. All of our endpoint devices have disk encryption, malware protection, a firewall, guest access disabled, and a regularly updated OS. In addition, we perform regular checks to make sure that we maintain this high level of security.
Our security monitoring is performed on information collected from internal network traffic and the knowledge of our vulnerabilities. Internal traffic is checked for any suspicious behavior. Network analysis and examination of system logs in order to identify unusual behavior are a vital part of monitoring. We place search alerts on public data repositories to look for security incidents and analyze system logs.
Exponea has a vulnerability management policy that includes processes such as regular web scans and scans for potential threats. Once a vulnerability requiring our attention has been identified, it is tracked, given a priority according to how urgent it is, and assigned to relevant people as a ticket. Our security team tracks such issues and follows up regularly until they can check that the issues have been resolved.
Exponea has well-defined incident management processes for security events that may affect the confidentiality, integrity, or availability of our clients’ resources or data. If an incident occurs, the security team identifies it, reports it, assigns it to the correct resolver and gives it a resolution priority based on its urgency. Events that directly impact our customers are always assigned the highest priority and shortest resolution time. This process involves plans of action, procedures for identification, escalation, mitigation, and reporting.