At Visualogyxâ„¢, our dedication to security is intrinsic to our operations. We've implemented rigorous security and privacy controls to ensure a safe platform.
We align ourselves with SOC 2 compliance, which serves to mitigate potential risks to data integrity, confidentiality, and system availability. This compliance framework covers various aspects, including physical, technical, and administrative considerations.
The SOC 2 framework is a rigorous attestation that underscores our dedication to data security. It signifies that we have undergone meticulous third-party assessment, focusing on designing and implementing controls relevant to security, availability, processing integrity, confidentiality, and privacy.
For access to our security policies, please visit our document trust center.
The Visualogyx platform is a testament to our commitment to safeguarding our customer's sensitive data. Hosted on AWS, we employ state-of-the-art security practices, ensuring an environment of trust and reliability.
User data is encrypted end-to-end. Visualogyx employs the TLS 1.3. protocol and RSA with 2048-bit key certificates for in-transit data encryption. Data is encrypted at rest (databases and file storage) using Advanced Encryption Standard (AES-256), one of the strongest block ciphers available. Encryption keys are also rotated regularly.
We use Auth0 for User Authentication (login), an ISO27001, ISO27018, and SOC 2 Type II enterprise-grade solution. Some of the capabilities include MFA (Multi-Factor Authentication), Breach Password Detection (detect if a specific user’s credentials were included in a major public security breach), and Brute-force Protection (safeguard against brute-force attacks that target a single user account) and more.
Our infrastructure configuration follows best practices, including VPCs (Virtual Private Cloud) to minimize the attack surface area, tight network ACLs (Access Control Lists), Security Groups, Firewalls, Load Balancers, and CDNs.
Within our organization, we diligently manage and restrict internal staff access, maintaining a robust level of control. We've implemented rigorous software change control procedures to ensure that any modifications are executed within a structured framework, further bolstering the security of our operations.
We adhere to the best practices and guidance set forth by OWASP (Open Web Application Security Project) to ensure the security of our systems.
Through a proactive approach, Visualogyx consistently places the utmost emphasis on fortifying the security of our software, underscoring the significance of trust and resilience, especially in the present landscape.
Conducting security assessments on our systems without obtaining explicit written consent is considered unlawful and could lead to civil and criminal legal actions. We request that security researchers engage in any form of security testing only when granted authorization to do so.
If you happen to uncover a vulnerability within any of our products or services unintentionally and wish to bring it to our attention, we encourage you to inform us via email at contact@visualogyx.com.
It’s important to note that Visualogyx does not operate a rewards program or offer “bug bounties” for vulnerability disclosures.
