website logo
HomeTwitterLinkedInLogin ➡️
⌘K
Overview
Getting started
The Intelligent IaC Difference
Connect Cloud Accounts
AWS Account
Azure Subscription
GCP Project
Managing Cloud Accounts
What are Accounts
Credentials
Scanning Options
Changelog
Compliance
CI/CD
IaC Explorer
IaC Explorer Overview
Codifier
Generating Terraform
Terraform Remote State File Integration
IaC Catalog
Overview
Getting Started
Configuration
Producer Flow
Consumer Flow
Reference
GraphQL API
Management
Security
Feedback/Contact
Docs powered by
Archbee
Security

Security practices

8min

AutoCloud is secure. We are SOC2 compliant.

Our Security Practices

Architecture

AutoCloud infrastructure is built to exceed CIS level I benchmark compliance.

Designed in accordance with AWS's Well Architected Framework best practices around security, privacy, & compliance.

Encryption

All communication, both internal & external is encrypted with TLS1.2. All data is encrypted at rest, regardless of storage method. Queue messages are software-encrypted on top of queue encryption.

Authentication & Authorization

All system access is provided through strict identity access management (IAM) frameworks, via roles and permissions following the Least Privileges principle.

Network Security

Multiple layered firewalls deployed for all components.

Strict segregation of application components and environments with multiple concentric security perimiters to implement defense in depth.

Active threat detection deployed at multiple application layers for rapid detection and mitigation of network attacks and intrusions.

Application Security

All application software is scanned for vulnerabilities as a part of our build process, both in AutoCloud’s codebase and the package dependencies it relies on.

Automation

Development, testing, deployment, monitoring and analysis of data and systems is done with the smallest amount of human action & intervention to minimize security & privacy risk and maximize performance & reliability.

Automation authorization is segregated by role to further reduce security & privacy risk in the event of a vulnerability.

Access Credentials

Account access is provided through user generated service accounts, with graceful failure in the face of insufficient privileges. Use only the features that you are comfortable with.

AutoCloud recommended permissions include only those necessary to perform requested actions. No write permissions are ever requested, preventing modification of user systems in any way.

All service credentials required for access are stored with multiple, orthogonal encryption methods to ensure that account tokens are only available to appropriate services and organization members.

AutoCloud features can be utilized by providing service accounts on demand, which only ever exist in memory and are erased at the termination of the requested operation, allowing users to elect out of storing sensitive credentials on AutoCloud’s systems.

Auditing

All system activity is monitored and logged. These activity streams are continuously analyzed by our security tooling and regularly audited manually.

Updated 03 Mar 2023
Did this page help you?
PREVIOUS
Delete your account
NEXT
Feedback/Contact
Docs powered by
Archbee
TABLE OF CONTENTS
Our Security Practices
Architecture
Encryption
Authentication & Authorization
Network Security
Application Security
Automation
Access Credentials
Auditing
Docs powered by
Archbee