Security as a core value

At VAKT, we enable companies to exchange sensitive commercial information in a secure, private, and immutable way.

That’s why we take a security-first approach to everything we do. From the development of our services, based on blockchain (distributed ledger technology) for storing and exchanging information between network participants, to the delivery of our services using Infrastructure as Code and a CI/CD approach, to the monitoring of our environments with anomaly detection and automated remediation, security is a core value that drives our business forward.

ISO 27001:2013

VAKT achieved its ISO/IEC 27001:2013 certification in 2020. Prior to this, VAKT held Cyber Essentials Plus during 2019 and 2020. ISO/IEC 27001:2013 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO/IEC 27002 best practice guidance.

The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS).

ISO 27017:2015

VAKT achieved its ISO/IEC 27017:2015 certification in 2021. ISO/IEC 27017 is a security standard developed for cloud service providers and users to make a safer cloud-based environment and reduce the risk of security problems. It is part of the ISO/IEC 27000 family of standards, which provide best practice recommendations on information security management.

This standard was built from ISO/IEC 27002, expanding the security controls applicable to the use of cloud services.

3rd Party Pen Testing

VAKT completes penetration tests annually, or more frequently between major feature releases.

These tests are performed by well-known CREST-accredited assessors, and the results are shared with VAKT's customers.

Secure by Design

Security is considered and built into VAKT services at every layer starting with a robust architecture design.

Architectural design decisions are based on well-known security strategies and approaches, defined to meet our stringent requirements.

SOC 2

SOC 2 stands for Service Organization Control 2 and is a security framework that defines how companies should manage, process, and store customer data based on the Trust Services Categories (TSC).

There are five categories to adhere to:

- Security
- Availability
- Processing integrity
- Confidentiality
- Privacy

SOC 2 compliance is unique to each company because it is a set of trust service categories as opposed to a prescriptive list of controls to mark off. Every company’s security practices will look different, meaning each can achieve SOC 2 compliance by putting in place custom policies and processes that are relevant to its business operations.

APPLICATION

Web Application Firewall

Industry-leading Web Application Firewall with automatic updates to block the latest threats spotted around the world.

DNSSEC

DNSSEC to block against DNS hijacking attacks. We take your access to VAKT seriously and go in-depth, enabling every security measure we can.

DDoS Protection

Application level and network level DDoS protection is in place on our web services.

Encryption

TLS 1.2 or higher is used for data in transit, and encryption at rest is used for all instances and databases.

INFRASTRUCTURE

AWS

AWS handles physical and virtual aspects as part of the shared responsibility model. Deployments with AWS ECS limit our footprint and ensure a better security posture.

Infrastructure as Code

Infrastructure as Code with Terraform allows peer-reviewed changes, template scanning for vulnerabilities, and quick recovery in case of outages.

Spoofing Protection

Network spoofing protection is enabled in our cloud provider, which prevents adversaries from spoofing traffic or ARP addresses.

Anomaly Detection

VAKT uses a number of services for anomaly detection, including GuardDuty as well as third-party security services from trusted vendors.

CODE

Static Code Analysis

Every code merge undergoes a static code analysis check that must pass before the code can be merged to the main branch.

Credential Checking

We scan our codebase for credentials to ensure they aren’t accidentally merged into code.

Third Party Library Scanning

A leading third-party security solution scans all of our libraries to ensure we don’t have vulnerable libraries in the codebase.

Peer Reviewed Merges

All code is peer reviewed by a Senior Engineer before being merged to the main branch.

ENDPOINT

Mobile Device Management

Our devices are centrally managed with policies for security, patching, and encryption enforced.

Advanced Persistent Threat Detection

Many threat actors target specific companies. VAKT combats this by using Next-Gen solutions that have ATP protections and 24/7 managed threat hunting capabilities.

Endpoint Detection Response

VAKT uses the latest technology in endpoint security to identify potential threats. We use Next-Gen anti-virus and EDR to identify and stop malicious threats from activating, and to see the chain of events that led up to them.

Zero Trust Approach

VAKT uses a Zero Trust approach to evaluate the security posture of its endpoints and members of staff.
