Operational Framework
Security
Deployment Level Security
4 min
the deployment also includes the scripted server hardening process, a set of configurations to enhance the security of the servers signzy uses its own in house developed custom scripts that scan the server against multiple parameters including (but not limited to) access permission, rwx privileges, etc application infrastructure security components siem systems are in place for real time security, monitoring, alerting, and performance analytics intrusion detection system (ids) to monitor network traffic for suspicious activity and issue alerts when such activity is discovered role based access control permissions are being configured for all users patch management to centralize management of the detection and repair of the systems to improve security, performance, and other features dedicated incident response team who are prepared for responding to any immediate emergency incident advanced security stack inclusion, i e nessus professional, fortinet, wazuh, dlp, etc authorized manual and simulated attacks are performed on infrastructure to detect and mitigate any potential vulnerabilities security of ci/cd pipeline least privilege access signzy ensures that each team member and service only has the access they need to perform their job and no more secure communication protocols signzy uses secure protocols such as https and ssh for communication between different stages of the pipeline 2 factor authentication signzy uses 2 factor authentication for access to the ci/cd pipeline and related systems regular updation of tools and libraries signzy keeps all tools and libraries used in the pipeline up to date to ensure that known vulnerabilities are patched static analysis tools signzy uses static analysis tools to detect and fix vulnerabilities in the code early in the development process monitoring of log pipeline activity signzy ensures the monitoring of all activity logs in the pipeline to detect and investigate any security breaches secure deployment process signzy ensures a secure deployment process that involves testing and reviewing code changes before they are deployed to production regular review and testing of pipeline signzy regularly reviews and tests the pipeline to identify and fix any security weaknesses security of docker use of secure base image signzy uses a base image that is well maintained and regularly updated with the latest security patches use of minimal base image signzy uses a minimal base image that only includes the necessary libraries and tools to reduce the attack surface minimal privileges signzy runs containers with the minimum privileges necessary to reduce the risk of privilege escalation attacks regular review and testing of the docker environment signzy regularly reviews and tests the docker environment to identify and fix any security weaknesses getting help please feel free to contact us if you have any questions, require clarification, or have ideas for how to make the documents or any of our services better you can reach out to us at help\@signzy com