Preventing Unauthorized Product Use. We implement industry standard access controls and detection capabilities for the internal networks that support its products. Access controls: Network access control mechanisms are designed to prevent network traffic using unauthorized protocols from reaching the product infrastructure. The technical measures implemented include Virtual Private Cloud (VPC) implementations, security group assignment, and traditional firewall rules. Intrusion detection and prevention: We implement a Web Application Firewall (WAF) solution to protect hosted customer websites and other internet-accessible applications. The WAF is designed to identify and prevent attacks against publicly available network services. Static code analysis: Security reviews of code stored in our source code repositories is performed, checking for coding best practices and identifiable software flaws. Penetration testing: We maintain relationships with industry recognized penetration testing service providers for annual penetration tests. The intent of the penetration tests is to identify and resolve foreseeable attack vectors and potential abuse scenarios.
Appears in 3 contracts
Samples: Processing Agreement, Processing Agreement, Processing Agreement
Preventing Unauthorized Product Use. We implement industry standard access controls and detection capabilities for the internal networks that support its products. Access controls: Network access control mechanisms are designed to prevent network traffic using unauthorized protocols from reaching the product infrastructure. The technical measures implemented differ between infrastructure providers and include Virtual Private Cloud (VPC) implementations, security group assignment, and traditional firewall rules. Intrusion detection and prevention: We implement a Web Application Firewall (WAF) solution to protect hosted customer websites and other internet-accessible applications. The WAF is designed to identify and prevent attacks against publicly available network services. Static code analysis: Security reviews of code Code stored in our source code repositories is performed, checking checked for coding best practices and identifiable software flawsflaws using automated tooling. Penetration testing: We maintain relationships with industry recognized penetration testing service providers for annual penetration testsproviders. The intent of the penetration tests is to identify and resolve foreseeable attack vectors and potential abuse scenarios.
Appears in 1 contract
Samples: Processing Agreement
Preventing Unauthorized Product Use. We implement industry standard access controls and detection capabilities for the internal networks that support its products. Access controls: Network access control mechanisms are designed to prevent network traffic using unauthorized protocols from reaching the product infrastructure. The technical measures implemented differ between infrastructure providers and include Virtual Private Cloud (VPC) implementations, security group assignment, and traditional firewall rules. Intrusion detection and prevention: We implement a Web Application Firewall (WAF) solution to protect hosted customer websites and other internet-accessible applications. The WAF is designed to identify and prevent attacks against publicly available network services. Static code analysis: Security reviews of code stored in our source code repositories is performed, checking for coding best practices and identifiable software flaws. Penetration testing: We maintain relationships with industry recognized penetration testing service providers for annual penetration testsproviders. The intent of the penetration tests is to identify and resolve foreseeable attack vectors and potential abuse scenarios.
Appears in 1 contract
Samples: Processing Agreement