Hi all,
Following up on a question previously posted at Daml Hub Cybersecurity, would it be possible to also know whether Daml Hub makes use of any intrusion detection system (IDS)/intrusion prevention system (IPS) to detect/prevent possible network threats apart from the previously mentioned mitigation measures for DDoS?
Thanks in advance.
Luis
We have implemented a commercial Kubernetes security solution that performs IDs/IPS and admission control, network security, along with other capabilities for monitoring activity within the cluster. This is supplementing the DDOS/WAF we have in front of the clusters. We continue to monitor and tune these facilities as we see real traffic into our environment. We also have daily monitoring of access attempts to the cloud services going into our SIEM.
We are following how the industry is evolving this space, not only for secure SDLC but runtime protections of Kubernetes and the cloud.
We have also just completed a third party penetration test of the environment focused on web application security and Kubernetes configuration.
You can also find more general information on our security posture at Trust Center and Security Resources | Digital Asset. We are also SOC2 Type2 and ISO27K compliant.
Have to discuss other aspects of our security program offline.
Edward Newman
CISO