Monitaur’s security policies are based on the NIST cybersecurity framework v1.1 and OWASP application security verification standards. Monitaur has maintained SOC2 Type 2 compliance since October 2021.
Monitaur encrypts data, whether at rest or in transit, for all of our customers. At Monitaur, we partner with leading cloud providers to manage encryption keys, using hardware security modules for maximum security in-line with industry best practices. Data is regularly scanned to identify and protect sensitive information.
Unique infrastructure is created for each of our customers. All customer data and interactions are separate from every other customer. Customer data is not stored in the same databases as one another, and there is no sharing of data in any way.
Monitaur’s applications are designed with security in mind from the start. All software development at Monitaur adheres to a strict workflow ensuring that every change is peer reviewed, screened by automated static analysis, passes extensive automated test suites, and is verified through manual quality checks.
As part of a yearly security audit, Monitaur enlists third-party experts to conduct penetration tests. Monitaur also uses enterprise security tools to regularly assess our source code for any vulnerabilities. Any identified issues are promptly triaged and appropriately prioritized.
Monitaur has partnered with a leading cloud provider to host our applications. Engineers at Monitaur are alerted in real time if any unusual activity to our infrastructure is detected. All systems are regularly backed up, and engineers verify that disaster recovery failover systems successfully operate on a semi-annual basis.
If you have a security question or concern please email us at firstname.lastname@example.org.