Defendify features a cloud-based production environment to take advantage of our partners' industry-leading expertise, chosen because they take security as seriously as we do. Our partners maintain multiple certifications for their data centers, meeting all industry-mandated compliance standards.
A Strong Handshake
Defendify requires user email verification and leverages multi-factor authentication. We enforce password complexity rules that follow or exceed published industry best practices. And our API and application endpoints are TLS/SSL only and score an "A+" rating on SSL Labs' tests.
The Human Factor
We understand the fundamental importance of empowering the humans behind our technology, so we require:
- Comprehensive personal and vendor background checks
- Detailed information security policy agreements and training
- Ongoing security awareness testing and training
Our app is a product of 100% in-house development. We’re huge fans of, and abide by, the principle of least privilege when handling both internal and client data.
A Model of Continuous Improvement
- Ongoing monitoring and improvements based on the security landscape and best practices
- Regular web application and network penetration testing through 3rd party ethical hackers
- Bug bounty program for ongoing, external review and identification of potential vulnerabilities
- Incident response plan to efficiently remediate any potential threats and mitigate downtime
We Practice What We Preach
Defendify runs on Defendify! We’ve adopted our own ongoing cybersecurity program in addition to supplemental measures and controls often only seen in larger scale organizations.