Security primitives

secure-vault

Codific Secure Vault

Codific Secure Vault is a secure storage where all recordings are stored.

  • All data is encrypted using Industry-standard AES-256 encryption.
  • Encryption keys are stored in dedicated safety boxes each owned by a specific user.
  • The Vault master access is guarded by a two-man rule implementation based on strong cryptographic primitives. The two-man rule is a control mechanism designed to achieve a high level of security for especially critical material or operations.
  • All audit traces are stored in a so-called write-once read-many storage.
  • The Vault features a flexible access control policy management mechanism to enable secure sharing of data between multiple users. The policies themselves are also stored within the Vault.
2fa

Two-factor authentication

For all authorized access a two-factor authentication mechanism is enforced.

patrol-monitoring

Monitoring

Secure Patrol is a complete solution targeted towards real-time monitoring and protection of software systems. Secure Patrol consists of a team of AI and human agents who patrol software systems preventing and intervening on possible attacks.

patrol-detection

Active Rebuff

All activity that is not regarded as legitimate business logic is blocked.

firewall

Application-Level Firewall

We deploy an application-level firewall to make sure malicious requests are blocked.

browser-security

Browser Security

We leverage best practices in browser security hereby reducing the likelihood and impact of various categories of attacks, such as Cross-Site Scripting, Injection, etc.

server-hardering

Server Hardening

Server hardening involves reducing the available ways to attack the server infrastructure where the Videolab web application is hosted.

auditing

Auditing

We conduct audits including an architectural threat modeling exercise where new threats, their likelihood and impact are assessed regularly.

aplus-https

End-to-end encryption

All access to Videolab is secured using an A+ grade transport layer security.

Due to security considerations a number of the implemented security primitives are not disclosed.