Overview
Our story began with a strong focus on security and compliance, making us the leading Platform as a Service (PaaS) for security and compliance. We provide developer-friendly infrastructure guardrails and solutions to help our customers navigate security audits and achieve compliance. This includes:- Security best practices, out-of-the-box: When you provision a dedicated stack, you automatically unlock a suite of security features, including encryption, DDoS protection, host hardening, intrusion detection, and vulnerability scanning — alleviating the need to worry about security best practices.
- Security and Compliance Dashboard: The Security & Compliance Dashboard provides a unified view of the implemented security controls — track progress, achieve compliance, and easily generate summarized reports.
- Access control: Secure access to your resources is ensured with granular user permission controls, Multi-Factor Authentication (MFA), and Single Sign-On (SSO) support.
- Compliance made easy: We provide HIPAA Business Associate Agreements (BAAs), HITRUST Inheritance, and streamlined SOC 2 compliance solutions — CISO-approved.
Learn more about security functionality
Authentication
Learn about password authentication, SCIM, SSH keys, and Single Sign-On (SSO)
Roles & Permissions
Learn to managr roles & permissions
Security & Compliance Dashboard
Learn to review, manage, and showcase your security & compliance controls
Security Scans
Learn about Aptible’s Docker Image security scans
DDoS Protection
Learn about Aptible’s DDoS Protection
Managed Host Intrusion Detection (HIDS)
Learn about Aptible’s methodoloy and process for intrusion detection
FAQ
How do I achieve HIPAA compliance with Aptible?
How do I achieve HIPAA compliance with Aptible?
Read the guide
How to achieve HIPAA compliance
How do I achieve HITRUST compliance with Aptible?
How do I achieve HITRUST compliance with Aptible?
Read the guide
How to navigate HITRUST Certification
How should I navigate security questionnaires and audits?
How should I navigate security questionnaires and audits?
Does Aptible provide anti-virus/anti-malware/anti-spyware software?
Does Aptible provide anti-virus/anti-malware/anti-spyware software?
Aptible does not currently run antivirus on our platform; this is because the Aptible infrastructure does not run email clients or web browsers, which are by far the most common vector for virus infection. We do however run Host Intrusion Detection Software (HIDS 12) which scans for malware on container hosts. Additionally, our security program does mandate that we run antivirus on Aptible employee workstations and laptops.
How do I access SOC 2 reports and other security documentation?
How do I access SOC 2 reports and other security documentation?
Aptible maintains compliance with programs and frameworks including SOC 2 Type II, GDPR, HIPAA, PCI, HITRUST, EU-US Data Privacy Framework, PIPEDA, Swiss-US Data Privacy Framework, and the UK Extension to the EU-US Data Privacy Framework.We provide documents attesting to our ongoing compliance for use as evidence in your organization’s compliance process. Access is provided through trust.aptible.com. Use Request or Regain Access with the email address associated with your Aptible account.Aptible requires the intended consumer of confidential reports to have an NDA in place directly with Aptible. Through the trust portal, you can e-sign the mutual NDA and access documents such as:
- HITRUST Engagement Letter
- HITRUST CSF Letter of Certification
- HITRUST NIST CSF Assessment
- HITRUST CSF Validated Assessment Report
- SOC 2 Type 2 Report
- SOC 2 Continued Operations Letter
- Penetration Test Summary