We use Secure Websocket connections for all application data. All our real-time application connections are made through WSS (Web Services Security), which ensures that all information gathered is over channels that are secured and encrypted. All traffic to Applauz connects only through HTTPS.
Our servers and databases are hosted on AWS (Amazon Web Services) using white-listed IP addresses and VPCs. Our databases are behind an IP white-list that only allows direct connections from servers inside our private network.
Effectively this means that we have complete control over who can access our network. It also means our entire IT infrastructure is run through an industry-standard encrypted IPsec VPN. Applauz meets or exceeds all requirements outlined by OWASP’s Top 10 Most Critical Web Application Security Risks.
OWASP’s Top 10 Most Critical Web App. Security Risks:
- Injection
- Broken Authentication and Session Management
- Insecure Direct Object References
- Security Misconfiguration
- Sensitive Data Exposure
- Missing Function Level Access Control
- Cross-Site Request
- Forgery (CSRF)
- Using Components with Known Vulnerabilities
- Unvalidated Redirects and Forwards
Amazon Web Services:
All of our servers and services are protected using AWS's best practices recommendations, including using AWS WAF (web application firewall), AWS Guard Duty for security notifications and AWS CloudWatch for logging and viewing suspicious activity.
At Applauz, we adhere to the AWS Security Best Practices policy. In short, we guarantee that all your information is 100% secure, and as an added layer, we ensure that we will not transfer any accrued company information or personal information to any other source. It is all kept in-house, and your data will never be shared with any third party.
For more information on Data Security:
Download AWS Best Practices.