Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Yes. In on-premise environments sometimes private CA are used. GRAVITY has a mechanic to import private certificates in deployed .jar-files and docker containers. (More information)

SaaS: What Web Application Firewall (WAF) is used?

Yes. OpsOne uses ModSecurity to additional protection against application level attacks such as cross site-scripting and SQL injections. By default, the core rules set will be loaded, and will block common vulnerabilities and zero day attacks by adding some more global rules. But Gravity Global AG will configure additional settings in accordance of the GRAVITY configuration and the customers requests.

Are Vulnerabilities Scans applied to the builds?

Yes. When we build our software we scan the built containers with Harbour. The containers are scanned with the Library Trivy.