Use Aptible’s ISO 27001 certification to show your customers that your cloud computing stack meets the international gold standard for security.
Run healthcare workloads that process, store, and transmit HIPAA protected health information with Aptible. BAAs are available for Deploy dedicated stacks and Comply.
Use both token-based 2FA and FIDO U2F security keys to protect your Aptible accounts.
Securely control access to your Aptible services.
All Aptible accounts include Business level support. Support upgrade options include private Slack channels with the Aptible team and 15-minute critical response times.
Weekly Activity Reports aggregate Aptible API operations from each of your environments for review.
Deploy containers that exit unexpectedly are restarted in pristine condition, ensuring uptime even if your app crashes.
Deploy containers that exceed their memory allocation are allowed to gracefully exit before being restarted. This helps avoid contention on the underlying EC2 instances and increases overall stability of your Deploy workloads.
Deploy automatically deploys horizontally-scaled app and database containers across separate AWS Availability Zones, to ensure high availability.
The Aptible SRE Team monitors your infrastructure 24/7 and responds to host and network incidents on your behalf.
Deploy host operating systems are hardened to disable unnecessary services and limit surface area for attacks.
Deploy automatically procures and renews free TLS certificates via Let’s Encrypt on your behalf.
Restrict access to Deploy apps and databases to a set of whitelisted IP addresses or networks, and block other incoming incoming traffic.
Route Deploy container logs to logging destinations for review, alerting, and archiving. Stream logs to your console in real time with the Aptible Toolbelt.
Easily view container memory and CPU load, database IOPS, and disk usage in the Aptible dashboard.
The Aptible Security Team patches kernel vulnerabilities and other host- and network-level issues on your behalf.
Integrate with partners or connect privately to your Deploy dedicated stacks using Managed IPsec VPNs.
Restrict access to apps and databases to other services in the same dedicated stack.
Securely connect your Deploy dedicated stack to other AWS VPCs in the same region.
Easily replicate (PostgreSQL, MySQL, Redis) or cluster (MongoDB) databases in high-availability setups.
Identify vulnerable system packages in your Docker images. Optionally integrate with Appcanary to be notified when new vulnerabilities are discovered.
Capture output from ephemeral
aptible ssh sessions and route to log drains for auditing, analysis, and compliance.
Build your Docker image locally or in a CI platform, push the image to a Docker registry, and deploy straight to Deploy.
Let Deploy build your container images using a Dockerfile you specify, initiated with push to an Deploy git endpoint.
Deploy scans both the Internet-facing network and private network of a master reference stack each month. The Aptible Security Team remediates adverse findings without customer intervention. You may request a scan of your dedicated stack and its hosts as needed for your own security assessments and audits.
Deploy VPC-based approach means that most stack components are not accessible from the Internet, and cannot be targeted directly by a DDoS attack. Deploy SSL/TLS endpoints include an AWS Elastic Load Balancer, which only supports valid TCP requests, meaning DDoS attacks such as UDP and SYN floods will not reach your app layer.
Easily scale your app and database containers, both horizontally (more containers per service) and vertically (bigger containers). Database disks can be resized from the Aptible dashboard or with the CLI with minimal downtime.
Deploy monitors the underlying EC2 instances in your stacks for potential intrusions, such as unauthorized SSH access, rootkits, file integrity issues, and privilege escalation. The Aptible Security Team responds on your behalf 24/7 to investigate and resolve issues as they arise.
Deploy takes automatic daily backups of your databases, and distributes those backups across geographically separate regions.
Run Elasticsearch, MongoDB, MySQL, PostgreSQL, RabbitMQ, Redis, or SFTP containers on Deploy.
Traffic is encrypted all the way from your endpoints to your app and database containers using strong TLS ciphers.
Database volumes are encrypted at rest using AES-256 with Aptible-managed keys.
Easily spin up auditable ephemeral app containers to run management consoles, run ad-hoc jobs, and administer your architecture.
Use the Aptible CLI to securely connect to your Deploy databases and audit each access.
Each Deploy dedicated Stack runs in its own private VPC, making it easy to provision and manage multiple VPCs to support customers with stringent requirements for isolation and security.
Public-facing EC2 instances use inbound Security Group rules configured in denyall mode. Only necessary ports are opened, and configuration is checked and enforced on a regular basis.
Access real-time information about the status of the Aptible services at status.aptible.com.
Deploy performs both release and runtime health checks to ensure your web services are performant and responsive.
When encountering a failure during a deployment operation (e.g. one of your stack's underlying EC2 instances fails, AWS S3 has an outage, etc.), Deploy automatically restores your architecture to the last known good state.
Deploy automatically enables data integrity controls for database types that support it (e.g. PostgreSQL write-ahead logs; MySQL binary logging; Redis RDB backups; MongoDB journaling, etc).
Deploy automatically performs zerodowntime rolling deployments when you release your app.
Configure your apps to serve custom maintenance pages when requests time out, your app is down, or when you scale your app to zero containers.
Aptible Deploy is an ISO 27001 and SOC 2 certified, AWS-based deployment platform for deploying audit-ready apps and databases. Using Aptible Deploy, companies can launch highly available, secure apps and databases into isolated cloud environments using a developer-friendly workflow. Apps hosted on Aptible Deploy conform to the requirements of HIPAA, ISO 27001, SOC 2, GDPR, and other security frameworks.
“[Aptible] just works. Nice UI to setup components and environments which eliminates the complexity of setting up and managing AWS directly. Allows me to worry about the code instead of the underlying deployment infrastructure.”
You are responsible for implementing security controls in your app business logic, such as authentication, app-level access controls, and audit logging.
You are responsible for detecting and mitigating vulnerabilities in your Deploy apps.
You are responsible for managing your apps' dependencies (e.g. package.json, Gemfiles, etc.) and patching vulnerabilities. You may use Deploy App Security Scans to detect potential issues with system packages installed in your Docker images.
You are responsible for managing your passwords, API keys, and other secrets. You may use Deploy environment variables to store sensitive information and configuration.