Whenever we innovate and work on new products and features, “security” is one of the first steps on the checklist. This way, we can be sure to design our products with safety in mind and make the technological and architectural decisions that lead to safe implementations.
Multi-layer security infrastructure
We use several well-known industry standard solutions to continuously check and protect our platforms against potential security issues:
– A web application firewall, which is our first line of defense against common threats such as distributed denial of service (DDOS) attacks and malicious web requests. This also includes automatic blocking of well-known bad reputation sources (e.g. the dark web) on the Internet.
– An automated penetration testing platform that regularly scans our platforms and notifies our development teams whenever a new potential security risk emerges (e.g., a newly discovered vulnerability) so that we can immediately apply corrective measures.
– A static code analysis platform that provides an even higher level of security by actually examining our constantly evolving code and evaluating every possible entry point into our application. It detects and notifies our development teams where they might have missed something.
– Our software composition analysis tools allow us to analyze the external dependencies (libraries) used by our code for vulnerabilities.
– An intelligent attack prevention system that learns normal behavior using AI and alerts us when unusual, suspicious activity is detected on the platform. This system automatically warns of such security risks and informs our security team of these activities for follow-up actions.
These services come at a price, and Doctena allocates a significant portion of its IT budget to these security tools because we understand how important they are to you, but also to the survival of our business.