Platform Security Features
The vCISO platform enforces TLS 1.1 or greater for all browser sessions, ensuring data-in-transit is always protected from eavesdropping.
The most sensitive elements of data stored in the platform are encrypted in the database using strong, modern ciphers.
vCISO is hosted using a Kubernetes container-based architecture which provides many built-in benefits, including isolation from cloud-native threats.
Data integrity and privacy is further protected from many types of application-layers attacks and other OWASP Top 10 threats by an enterprise-grade web application firewall (WAF).
Additionally, we leverage an advanced global CDN to provide DDoS mitigation services ensuring the platform remains available, even under attack. Origin cloaking technology in the network prevents sophisticated attackers from bypassing DDoS mitigation capabilities using tools like Cloudpiercer.
Derisk's hosting facility is annually accredited by the AICPA for SOC 2 Type I compliance, covering the Security and Availability Trust Services Criteria.