Government agencies, with their strict security requirements, often face difficulties in fully embracing DevSecOps practices. Balancing the need for rapid feature releases with robust security measures poses a challenge. Feature flags offer a promising solution in this context. By seamlessly integrating into DevOps and DevSecOps pipelines, they can empower government agencies to effectively manage feature releases while maintaining high levels of security.
7 posts tagged with "security"
View All TagsFeature Management Architecture & Security (what to consider)
Adding new features to existing applications used to mean that code pushed into production automatically updated the entire app. This raises security risks to the existing application, because a single bug could have catastrophic consequences. This risk can be reduced by implementing a secure feature management architecture that allows code updates with increased flexibility and the power to easily switch between versions.
Questions and Key Considerations When Choosing a SaaS Provider
Choosing the right SaaS (Software as a Service) provider is a crucial decision for any organization. When evaluating potential vendors, it's essential to have a clear understanding of their security measures, service level agreements, and other factors that may impact your business.
Here are some key questions to help guide your evaluation process.
ConfigCat just got ISO 27001 certified
ConfigCat is proud to offer a robust, comprehensive feature flag service for software engineers to utilize safe trunk based development.
Companies must use the most up-to-date standards when developing their unique Information Security Management System (ISMS), as information security becomes significantly more difficult to protect the more an organization grows.
ConfigCat is not vulnerable to the log4j vulnerability CVE-2021-44228
ConfigCat is NOT affected
A remote code execution flaw was recently discovered in log4j. The vulnerability is fixed in log4j 2.15.0.
Log4j is a popular Java logging library. It is used by many popular Java applications. We have double-checked our systems and SDKs to be sure that they are not affected by this vulnerability.
ConfigCat’s Security Framework
Nowadays, almost each and every business uses some sort of web application, so cyberattacks are becoming a daily struggle for huge enterprises as well as for small businesses. It’s not enough for programmers to build an application that looks great and works smoothly. Many consumers are getting aware of the need for security in the applications they are using.
As ConfigCat is a Software as a Service business with applications running in the cloud, we take security as seriously as reliability. Here are the security measures we take to ensure that we deliver a secure application.
Two-Factor Authentication (2FA) in ConfigCat
What is 2FA?
2FA is a way of granting access to users only after presenting two separate pieces of evidence (factors). One of these factors is usually a password which the user should know and the other factor something they have or even something they are. This way you can be sure that only knowing your password won't be enough for an attacker to gain access to your account.
How does 2FA work in ConfigCat?
In our case the first factor is password you use to login to ConfigCat Dashboard. The second factor is a 6-digit number generated via an Authenticator App.