Security Team
Our Security Team is on call 24/7 to respond to security alerts and events.
Security Mechanisms
Our network is protected through the use of GCP security services and mechanisms, integration with our Adaptive Shield platform, regular audits, and network intelligence technologies, which monitor and/or block known malicious traffic and network attacks.
Architecture
Our network security architecture consists of multiple security zones. More sensitive systems like database servers are protected in our most trusted zones. Other systems are housed in zones commensurate with their sensitivity, depending on function, information classification, and risk. Depending on the zone, additional security monitoring and access controls will apply. DMZs are utilized between the Internet, and internally between the different zones of trust.
Security Scanning
Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.
Penetration Tests
In addition to our extensive internal scanning and testing program, each year Adaptive Shield employs third-party security experts to perform a broad penetration test across the Adaptive Shield Production and Corporate Networks.
DDoS Mitigation
Adaptive Shield relies on GCP anti-DDoS mechanisms, as well as scaling and redundancy tools.
Logical Access
Access to the Adaptive Shield Production Network is restricted on an explicit need-to-know basis, utilizes the least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the Adaptive Shield Production Network are required to use VPN and MFA.
Incident Response
In case of a suspected incident, response activities are escalated to our 24/7 teams providing Operations, Network Engineering, and Security coverage.
Employees are trained on security incident response processes, including communication channels and escalation paths.
Encryption
- Encryption in Transit
All communications with Adaptive Shield UI and APIs are encrypted via industry standard HTTPS/TLS (TLS 1.2 or higher) over public networks. This ensures that all traffic between the customer and Adaptive Shield is secure during transit.
- Encryption at rest
Data is encrypted at rest in GCP using AES-256.