“
All data is masked and encrypted in transit, during processing and at rest. We protect our own code using this amazing tool called Carbonetes…we highly recommend it ;). As a result, we are on top of any new vulnerabilities that might affect us. But the process doesn’t store customer code anyway.
“
AES-256 (American Encryption Standard)
We would look pretty silly if we, a security company, got hacked. So we use state actor level security.
“
We update security policies at least once a year for the necessary things to be updated, and we consider other updates to stay ahead of potential threats and aim to minimize lateral attacks.
“
We Follow Security Standards and Policies that aim to minimize lateral attacks. This plays a critical role in our reputation in protecting our company and customers, by staying compliant with regulations, security patches, and security policy standards.
“
Our company has access to customer data and metadata from the use of our cloud service. All of that is encrypted and isolated. We do not have access to your code. The metadata we store is crucial to our identifying and addressing issues such as performance and other operational issues.
“
Our analyzers get regular feeds of the latest vulnerabilities. Our prioritization tools such as CVSS and EPSS are also updated constantly. All you have to do is set your policy(s) to catch vulns by priority and any new vulns will be flagged and surfaced to your attention.