Your data security & Hyperglance
Here are some of the measures that we take to keep Hyperglance secure
- Unlike typical SaaS solutions, Hyperglance is deployed self-hosted and isolated in your own VPC/VNet.
- All data is stored on the instance/VM; you control and own everything. You never share credentials with a third party.
- Hyperglance only needs Read-Only access to the AWS, Azure, GCP or Kubernetes APIs. No agents to install on your resources.
- All communications between the APIs and all Hyperglance clients are over HTTPS.
- Hyperglance can be deployed to Kubernetes or as an Instance/VM.
- We support installing Hyperglance on your own trusted golden VM image.
- Hyperglance supports custom SSL certificates.
- Hyperglance has with SAML support and RBAC built-in.
- Hyperglance has a "bring your own" PostgreSQL database mode for customers who prefer to own the DB security posture.
- Local user passwords are securely hashed & salted (PBKDF2WithHmacSHA256)
- Our pre-built AMI and VM images are based on STIG hardened Ubuntu in accordance with https://www.stigviewer.com/stigs/canonical_ubuntu_2204_lts
- Our Docker images are based on hardened RedHat UBI images from the DoD PlatformOne repository: https://repo1.dso.mil/dsop/redhat/ubi/9.x/ubi9
- Our Docker images are published to DockerHub and can be copied over to your private repositories for internal security auditing. The Hyperglance app can be set to pull images from private repos.
- Software components such as Wildfly and PostgreSQL have STIG hardening applied to their configurations.
- We regularly perform vulnerability scanning using tools such as Docker Scout and Trivy and regularly release updates to drive down CVEs.
- As build partners with AWS, Azure and GCP we continuously remain compliant with their marketplace requirements for CVE management and resolution.