Run healthcare workloads that process, store, and transmit HIPAA protected health information with Aptible. BAAs are available for Aptible dedicated stacks.
Use both token-based 2FA and FIDO U2F security keys to protect your Aptible accounts.
Securely control access to your Aptible services.
All Aptible accounts include Business level support. Support upgrade options include private Slack channels with the Aptible team and 15-minute critical response times.
Weekly Activity Reports aggregate Aptible API operations from each of your environments for review.
Aptible containers that exit unexpectedly are restarted in pristine condition, ensuring uptime even if your app crashes.
Aptible containers that exceed their memory allocation are allowed to gracefully exit before being restarted. This helps avoid contention on the underlying EC2 instances and increases overall stability of your Aptible workloads.
Aptible automatically deploys horizontally-scaled app and database containers across separate AWS Availability Zones, to ensure high availability.
The Aptible SRE Team monitors your infrastructure 24/7 and responds to host and network incidents on your behalf.
Aptible host operating systems are hardened to disable unnecessary services and limit surface area for attacks.
Aptible automatically procures and renews free TLS certificates via Let’s Encrypt on your behalf.
Restrict access to Aptible apps and databases to a set of whitelisted IP addresses or networks, and block other incoming traffic.
Route Aptible container logs to logging destinations for review, alerting, and archiving. Stream logs to your console in real time with the Aptible Toolbelt.
Easily view container memory and CPU load, database IOPS, and disk usage in the Aptible dashboard.
The Aptible Security Team patches kernel vulnerabilities and other host- and network-level issues on your behalf.
Integrate with partners or connect privately to your Aptible dedicated stacks using Managed IPsec VPNs.
Restrict access to apps and databases to other services in the same dedicated stack.
Securely connect your Aptible dedicated stack to other AWS VPCs in the same region.
Easily replicate (PostgreSQL, MySQL, Redis) or cluster (MongoDB) databases in high-availability setups.
Identify vulnerable system packages in your Docker images. Optionally integrate with Appcanary to be notified when new vulnerabilities are discovered.
Capture output from ephemeral
aptible ssh sessions and route to log drains for auditing, analysis, and compliance.
Build your Docker image locally or in a CI platform, push the image to a Docker registry, and deploy straight to Aptible.
Let Aptible build your container images using a Dockerfile you specify, initiated with push to an Aptible git endpoint.
Aptible scans both the Internet-facing network and private network of a master reference stack each month. The Aptible Security Team remediates adverse findings without customer intervention. You may request a scan of your dedicated stack and its hosts as needed for your own security assessments and audits.
Aptible VPC-based approach means that most stack components are not accessible from the Internet, and cannot be targeted directly by a DDoS attack. Aptible SSL/TLS endpoints include an AWS Elastic Load Balancer, which only supports valid TCP requests, meaning DDoS attacks such as UDP and SYN floods will not reach your app layer.
Easily scale your app and database containers, both horizontally (more containers per service) and vertically (bigger containers). Database disks can be resized from the Aptible dashboard or with the CLI with minimal downtime.
Aptible monitors the underlying EC2 instances in your stacks for potential intrusions, such as unauthorized SSH access, rootkits, file integrity issues, and privilege escalation. The Aptible Security Team responds on your behalf 24/7 to investigate and resolve issues as they arise.
Aptible takes automatic daily backups of your databases, and distributes those backups across geographically separate regions.
Run Elasticsearch, MongoDB, MySQL, PostgreSQL, RabbitMQ, Redis, or SFTP containers on Aptible.
Traffic is encrypted all the way from your endpoints to your app and database containers using strong TLS ciphers.
Database volumes are encrypted at rest using AES-256 with Aptible-managed keys.
Easily spin up auditable ephemeral app containers to run management consoles, run ad-hoc jobs, and administer your architecture.
Use the Aptible CLI to securely connect to your Aptible databases and audit each access.
Each Aptible dedicated Stack runs in its own private VPC, making it easy to provision and manage multiple VPCs to support customers with stringent requirements for isolation and security.
Public-facing EC2 instances use inbound Security Group rules configured in denyall mode. Only necessary ports are opened, and configuration is checked and enforced on a regular basis.
Access real-time information about the status of the Aptible services at status.aptible.com.
Aptible performs both release and runtime health checks to ensure your web services are performant and responsive.
When encountering a failure during a deployment operation (e.g. one of your stack's underlying EC2 instances fails, AWS S3 has an outage, etc.), Aptible automatically restores your architecture to the last known good state.
Aptible automatically enables data integrity controls for database types that support it (e.g. PostgreSQL write-ahead logs; MySQL binary logging; Redis RDB backups; MongoDB journaling, etc).
Aptible automatically performs zero downtime rolling deployments when you release your app.
Configure your apps to serve custom maintenance pages when requests time out, your app is down, or when you scale your app to zero containers.
Aptible is a SOC 2 and HITRUST certified, AWS-based application platform for deploying apps and databases that run in a scalable, HIPAA-compliant environment.
“[Aptible] just works. Nice UI to setup components and environments which eliminates the complexity of setting up and managing AWS directly. Allows me to worry about the code instead of the underlying deployment infrastructure.”
You are responsible for implementing security controls in your app business logic, such as authentication, app-level access controls, and audit logging.
You are responsible for detecting and mitigating vulnerabilities in your Aptible apps.
You are responsible for managing your apps' dependencies (e.g. package.json, Gemfiles, etc.) and patching vulnerabilities. You may use Aptible App Security Scans to detect potential issues with system packages installed in your Docker images.
You are responsible for managing your passwords, API keys, and other secrets. You may use Aptible environment variables to store sensitive information and configuration.