The deployment also includes the scripted server hardening process, a set of configurations to enhance the security of the servers. Signzy uses its own in-house developed custom scripts that scan the server against multiple parameters including (but not limited to) access permission, RWX privileges, etc.

Application infrastructure security components 

SIEM Systems are in place for real-time security, monitoring, alerting, and performance analytics.

Intrusion Detection System (IDS) to monitor network traffic for suspicious activity and issue alerts when such activity is discovered.

Role Based Access Control permissions are being configured for all users.

Patch management to centralize management of the detection and repair of the systems to improve security, performance, and other features.

Dedicated Incident Response team who are prepared for responding to any immediate emergency incident.

Advanced security stack inclusion, i.e. Nessus Professional, Fortinet, Wazuh, DLP, etc.

Authorized manual and simulated attacks are performed on infrastructure to detect and mitigate any potential vulnerabilities.  

 Signzy ensures that each team member and service only has the access they need to perform their job and no more.

 Signzy uses secure protocols such as HTTPS and SSH for communication between different stages of the pipeline.

 Signzy uses 2-factor authentication for access to the CI/CD pipeline and related systems.

 Signzy keeps all tools and libraries used in the pipeline up to date to ensure that known vulnerabilities are patched.

Signzy uses static analysis tools to detect and fix vulnerabilities in the code early in the development process.

 Signzy ensures the monitoring of all activity logs in the pipeline to detect and investigate any security breaches.

Signzy ensures a secure deployment process that involves testing and reviewing code changes before they are deployed to production.

 Signzy regularly reviews and tests the pipeline to identify and fix any security weaknesses. 

 Signzy uses a base image that is well-maintained and regularly updated with the latest security patches.

 Signzy uses a minimal base image that only includes the necessary libraries and tools to reduce the attack surface.

 Signzy runs containers with the minimum privileges necessary to reduce the risk of privilege escalation attacks.

Regular review and testing of the Docker environment:

 Signzy regularly reviews and tests the Docker environment to identify and fix any security weaknesses.

Please feel free to contact us if you have any questions, require clarification, or have ideas for how to make the documents or any of our services better.


Learn about the comprehensive security measures implemented by Signzy to safeguard their application infrastructure, CI/CD pipeline, and Docker environment. From server hardening and intrusion detection to role-based access control and patch management, d

Data Security Attributes

Deployment Level Security

Components of Deployment

Deployment types, effort, and other criteria

Deployment Support Options

Deployment

Generic Onboarding

No Code Platform (GO)

Overview

Creating Pages/Screens

Making the Flow

Setting the Rules

Create Merchant in Back Office

Create Your First Onboarding Journey

Untitled