Security Overview

Ensuring Integrity and Confidentiality of Your Data

No Routine Access

• Employees of Perdix Software do not have routine access to any of the data contained within a customer’s deployment of MOLI.
• Limited, audited access is provided for troubleshooting and maintenance, to select employees at select times only.

Preventing Data Theft

• All customer data are encrypted while in-transit
  • Over the wire: Using HTTPS / TLS
    • Each MOLI deployment is checked with the Qualys SSL Server Test, monthly, and any grade below an “A” is immediately remediated
  • Physically: Using full-disk encryption

Ensuring Integrity of the Product Itself

Detecting and Fixing Developer Mistakes + Preventing Covert Changes

• All source code is stored in a controlled-access repository supporting two-factor authentication and audit logging
• All new or changed source code is subject to formalized group review
• All new or changed source code is subject to formalized quality assurance
  • automated test suites
  • manually-executed testing

Ensuring a Corporate Culture of Security

Team Experience

CEO Steven Smith and Principal Engineer Zach Kruchoski are former “Mykonos” team members from Juniper Networks, where they helped develop WebApp Secure, a web application firewall utilizing Intrusion Deception™ to track, deceive, and stop attackers.At Perdix, both Steven and Zach take responsibility for product security, and mentoring team members to foster a security-focused culture.