Uptick Secure Cloud computing

Uptick Secure Application

• Full end-to-end encrypted sessions using TLS 1.2 AES 256-bit
• Okta OAuth authentication
• OWASP Top-10 tested
• Brute force lockout
• Secure access and user activity logging
• OWASP secure coding principles
• Active Session Monitoring and timeouts

Uptick Secure Infrastructure

• AWS Virtual Privacy Cloud (VPC)
• Physically separate AWS accounts for each customer
• AWS Security Groups for port & IP address restrictions
• Isolated AWS WorkSpaces for secured access to production infrastructure
• Production environment only available from protected areas with additional access controls
• Production environment isolation

Uptick Secure Analysis

• Static Application Security Testing (SAST) analysis
• Dynamic Application Security Testing (DAST) analysis
• Docker container scanning analysis

Uptick Access Security Controls

• Role-based access control (RBAC)
• Multi-Factor Authentication (MFA) for access to production instances

Uptick Data Security Controls

• Encrypted S3 Buckets and RDS storage
• Secure log storage of application and cluster events
• Data encrypted in transit and at rest using AWS-256

Security Certifications & Recognition

• ISO-27001