Safeguard at Temperstack
Using Temperstack is absolutely safe. When you are integrating your systems, Temperstack clearly specifies all the accesses it would be asking for. These are read-only permissions, except for the alert setup and notifications. Temperstack cannot access your code base, user information or any other sensitive data. The integration keys are encrypted and stored securely in AWS Secrets Manager.
Temperstack engineers work hard to ensure that our platform and users are 100% safe. However, nobody’s perfect. Should you encounter a security vulnerability, we want to hear from you.
Looking to report a security concern? Please visit our Responsible Disclosure page. To read more about disclosure policy click here
Safety Protocol Features
Data Security
Temperstack encrypts data at rest and in transit for all of our customers.
Application Security
Temperstack regularly engages some of the industry’s best application security experts for penetration tests. Our testers evaluate the source code, the running application, and the deployed environment.
Infrastructure Security
Temperstack uses Amazon Web Services to host our application services. We employ best in class industry security tools, standards and services to protect, monitor and regularly audit our infrastructure.
Temperstack has the following certifications
1. SOC 2 Type II - Compliant
2. ISO 27001 - Compliant
3. GDPR - Compliant
Permissions
- AWS - Read Permission to identify deployed infrastructure. Write permission to setup alerts.
- Azure - Read Permission to identify deployed infrastructure. Write permission to setup alerts.
- GCP - Read Permission to identify deployed infrastructure. Write permission to setup alerts.
- NewRelic - Read Permission to identify APM, Browser Monitoring and Synthetics reporting to NewRelic. Write permission to mark key transactions and setup alerts.
- Datadog - Read Permission to identify APM, Synthetics, RUM reporting to Datadog. Write permission to register API endpoints and setup alerts.
Other Security Measures
- We perform periodic vulnerability assessment scans.
- Real time Infrastructure security monitoring enabled.
- We run regular infrastructure scans to identify any deviation from security standards
- Enterprise grade Web application firewall [WAF] enabled on all our products
- Enterprise grade Secure Sockets Layer [SSL] configured
Temperstack is fully agentless and does not access any data from customer infrastructure.
Temperstack is always open to feedback, questions, and suggestions.If you would like to talk to us, please email us at security@temperstack.com
.svg){kind=small}
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)