Introducing Fauna’s SOC2 Certification
- Change management
- Updates to the database, UI and API are linked to documented requirements and merging of new code requires peer review.
- Secrets management
- Encryption keys, passwords and other secrets are stored securely in access-controlled vaults with permission granted for need.
- Metrics-based alerting
- Operational performance of database infrastructure feeds near-real-time dashboards and alerting systems .
- Server-based security monitoring
- Host-based agents on database hardware alerts the security team on a range of events, including unusual outbound connections, anomalous authentication events, and suspicious server processes
- Hiring, onboarding & offboarding processes
- The People Team ensures the skills and talents of new hires fit the requirements of each open position, conduct screening during the hiring process, request appropriate accesses based on role, and are responsible for confirming these accesses are removed when personnel leave the company.
- Access controls
- The security team grants access to company resources based on role and reviews these accesses on an ongoing basis.
- Vulnerability management
- Fauna conducts regular 3rd-party penetration tests and receives vulnerability reports from independent security researchers on an ongoing basis. Security bugs are remediated by priority and tracked to resolution.
If you enjoyed our blog, and want to work on systems and challenges related to globally distributed systems, serverless databases, GraphQL, and Jamstack, Fauna is hiring!
Subscribe to Fauna's newsletter
Get latest blog posts, development tips & tricks, and latest learning material delivered right to your inbox.