Security

Uptick Infrastructure Security

• Full end-to-end encrypted sessions using TLS 1.2 AES 256-bit
• AWS Virtual Private Cloud (VPC)
• Physically separate AWS accounts for each customer
• AWS Security Groups for port & IP address restrictions
• Encrypted S3 Buckets and RDS storage
• Secure log storage of application and cluster events
• Data encrypted at rest using AES-256

Uptick Secure Analysis

• Static Application Security Testing (SAST)
• Dynamic Application Security Testing (DAST)
• Docker container scanning
• Third party and Internal penetration testing
• OWASP secure coding principles

Uptick Employee Access Controls

• Role-based access control (RBAC)
• Multi-Factor Authentication (MFA) for access to production instances
• Background checks
• Automated onboarding and offboarding

Product Security and User Identity Management

• Centrally manage your policies for access with Single Sign-On (SSO) for all Uptick plans
• Control access to Uptick Dashboards and UI with fine-grained permissions to manage how your users interact with your data.