Topics tagged security

Topic	Replies	Views	Activity
Logging Details General data , security	1	49	7 July 2022
What is Yotta's approach to remediating vulnerabilities? General security	1	34	11 April 2022
Do you have SIEM (Security Information & Event Management) integration? General security	1	44	30 July 2021
Does audit data such as verbose logs contain any sensitive information? Infrastructure data , security	1	35	30 July 2021
Can the log files of your solution/system be exported? Infrastructure security	1	36	30 July 2021
What audit information can be extracted in relation to login attempts? Reports authentication , security	1	51	30 July 2021
What logging/auditing is available? General data , security , permissions	1	43	30 July 2021
Do you communicate security issues/incidents with subcontracted services to customers? General security	1	41	30 July 2021
Do you have a process for actual or suspected cyber security incidents or breaches being reported to the customer? Infrastructure security	1	33	30 July 2021
What additional security testing have you completed? General security	1	40	30 July 2021
If you use AWS, do you use Amazon GuardDuty Threat Detection? Infrastructure security	1	41	30 July 2021
If you use AWS, do you use Amazon Shield? Infrastructure security	1	35	30 July 2021
How is the data protected in transit? Infrastructure data , security	1	34	30 July 2021
Have you implemented DKIM, DMARC and SPF on your email service? Infrastructure security , email	1	39	30 July 2021
Where is Alloy Data Stored? Infrastructure data , security	1	36	30 July 2021
Will remote access be required? Infrastructure data , security	1	33	30 July 2021
Which Certification Authority do you use? Infrastructure security	1	35	30 July 2021
Does the solution use Client Certificates for authentication or S/MIME? Infrastructure security	1	32	30 July 2021
Does the solution use Client Certificates for signing to provide non-repudiation? Infrastructure security	1	31	30 July 2021
Are Self Signed Digital Certificates used? Infrastructure data , security	1	45	30 July 2021
Is there a lockout process for user accounts? General authentication , user , security	1	43	30 July 2021
Does the solution use Role Based permissions/authorisation? General authentication , user , security	1	38	30 July 2021
How is the communication between the Client/Mobile and the Service encrypted? Infrastructure security	1	43	30 July 2021
What additional controls are in place to support the unauthorised access of data? General data , security	1	46	30 July 2021
Are users shown that a failed login was a username or password that was incorrect? General authentication , user , security	1	33	30 July 2021
Is the password policy configurable? General authentication , user , security	1	37	30 July 2021
OWASP suggests methods of storing passwords, do you follow this methodology? General authentication , user , security	1	43	30 July 2021
Does the solution require an EV certificate? Infrastructure security	1	34	30 July 2021
Are any Trusted Root Certificates included in the standard build Infrastructure security	1	32	30 July 2021
Can you limit user access to Alloy to specific IP ranges Infrastructure security	1	34	30 July 2021