diff options
author | Chris Akritidis <43294513+cakrit@users.noreply.github.com> | 2023-05-17 07:32:37 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-05-17 07:32:37 -0700 |
commit | 90552f5a1648a410ecb7fba81e48a16a9a5da0a9 (patch) | |
tree | ca5ce556320def4522a5df8203d7132395ead705 /docs | |
parent | 6bf43a97ce1f9d3e299de7b5034839dcbda9f258 (diff) |
Update netdata-security.md (#15067)
Diffstat (limited to 'docs')
-rw-r--r-- | docs/netdata-security.md | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/docs/netdata-security.md b/docs/netdata-security.md index 77c1b12e42..c118736d9a 100644 --- a/docs/netdata-security.md +++ b/docs/netdata-security.md @@ -213,29 +213,29 @@ By collecting this data, Netdata is able to continuously improve their service a Internal Security Measures at Netdata are designed with an emphasis on data privacy and protection. The measures include: -1. **Infrastructure as Code (IaC)** \ +1. **Infrastructure as Code (IaC)** : Netdata Cloud follows the IaC model, which means it is a microservices environment that is completely isolated. All changes are managed through Terraform, an open-source IaC software tool that provides a consistent CLI workflow for managing cloud services. -2. **TLS Termination and IAM Service** \ +2. **TLS Termination and IAM Service** : At the edge of Netdata Cloud, there is a TLS termination, which provides the decryption point for incoming TLS connections. Additionally, an Identity Access Management (IAM) service validates JWT tokens included in request cookies or denies access to them. -3. **Session Identification** \ +3. **Session Identification** : Once inside the microservices environment, all requests are associated with session IDs that identify the user making the request. This approach provides additional layers of security and traceability. -4. **Data Storage** \ +4. **Data Storage** : Data is stored in various NoSQL and SQL databases and message brokers. The entire environment is fully isolated, providing a secure space for data management. -5. **Authentication** \ +5. **Authentication** : Netdata Cloud does not store credentials. It offers three types of authentication: GitHub Single Sign-On (SSO), Google SSO, and email validation. -6. **DDoS Protection** \ +6. **DDoS Protection** : Netdata Cloud has multiple protection mechanisms against Distributed Denial of Service (DDoS) attacks, including rate-limiting and automated blacklisting. -7. **Security-Focused Development Process** \ +7. **Security-Focused Development Process** : To ensure a secure environment, Netdata employs a security-focused development process. This includes the use of static code analysers to identify potential security vulnerabilities in the codebase. -8. **High Security Standards** \ +8. **High Security Standards** : Netdata Cloud maintains high security standards and can provide additional customization on a per contract basis. -9. **Employee Security Practices** \ +9. **Employee Security Practices** : Netdata ensures its employees follow security best practices, including role-based access, periodic access review, and multi-factor authentication. This helps to minimize the risk of unauthorized access to sensitive data. -10. **Experienced Developers** \ +10. **Experienced Developers** : Netdata hires senior developers with vast experience in security-related matters. It enforces two code reviews for every Pull Request (PR), ensuring that any potential issues are identified and addressed promptly. -11. **DevOps Methodologies** \ +11. **DevOps Methodologies** : Netdata's DevOps methodologies use the highest standards in access control in all places, utilizing the best practices available. -12. **Risk-Based Security Program** \ +12. **Risk-Based Security Program** : Netdata has a risk-based security program that continually assesses and mitigates risks associated with data security. This program helps maintain a secure environment for user data. These security measures ensure that Netdata Cloud is a secure environment for users to monitor and troubleshoot their systems. The company remains committed to continuously improving its security practices to safeguard user data effectively. |