Miscellaneous¶
Input validation¶
Securden validates all inputs in the web-interface, and the application is guarded against attacks like SQL injections, cross-site scripting, buffer overflow, and other attacks.
Browser extensions - The security aspects¶
- Content Security Policy (CSP) is enforced.
- lnline JavaScript execution and AJAX requests to other sites are prohibited.
Server hardening¶
Securden is recommended to be run on a dedicated, hardened server. Except for the web-server port, no other port needs to be opened on the firewall. No other communication happens with outside entities.
Tamper-proof trails¶
Audit trails pertaining to privileged access activity and the session recordings are securely stored. Access to the data follows granular controls. Trails cannot be tampered with any attempt to delete data triggers alerts.