Security Guardian Current - Security Guide

Introduction About Security Guardian Architecture Overview Azure Datacenter Security Overview of Data Handled by Security Guardian

Artificial Intelligence in Security Guardian Enabling and Disabling Security Guardian Intelligence AI Safety in Security Guardian

Admin Consent and Service Principals Location of Customer Data Privacy and Protection of Customer Data Network Communications Authentication of Users Role Based Access Control FIPS 140-2 Compliance SDLC and SDL Third Party Assessments and Certifications

Penetration Testing Certification

Operational Security

Access to Data Permissions Required to Configure and Operate Security Guardian Operational Monitoring Production Incident Response Management

Customer Measures

Authentication of Users

The customer logs in to the application by providing On Demand user account credentials.

For more information about user authentication, please refer to the Quest On Demand Global Settings

Security Guide.

Role Based Access Control

Quest On Demand is configured with default roles that cannot be edited or deleted and allows you to add custom roles to make permissions more granular. Each access control role has a specific set of permissions that determines what tasks a user assigned to the role can perform. For more information on role-based access control, please refer to the Quest On Demand product documentation.

FIPS 140-2 Compliance

Security Guardian cryptographic usage is based on Azure FIPS 140-2 compliant cryptographic functions. For more information, see Microsoft-us/azure/storage/blobs/security-recommendations.

SDLC and SDL

The On Demand team follows a strict Quality Assurance cycle.

Access to source control and build systems is protected by domain security, meaning that only employees on Quest’s corporate network have access to these systems. Therefore, should an On Demand developer leave the company, this individual will no longer be able to access On Demand systems.
All code is versioned in source control.
All product code is reviewed by another developer before check in.
Regularly scheduled static code analysis is performed on regular basis.
Regularly scheduled vulnerability scanning is performed on regular basis.
Segregated Development, Pre-Production, and Production environments. Customer data is not used in Development and Pre-Production environments.
In addition, the On Demand development team follows a managed Security Development Lifecycle (SDL) which includes:
- MS-SDL best practices
- Threat modelling
- OWASP guidelines

On Demand developers go through the same set of hiring processes and background checks as other Quest employees.

Seleziona il prodotto:

Per una maggiore efficacia, compilare l'Obiettivo della chat:

Soluzioni consigliate per il problema

Security Guardian Current - Security Guide

Authentication of Users

Role Based Access Control

FIPS 140-2 Compliance

SDLC and SDL