Information Security, Engineering, and Product teams collaborate to ensure strict adherence to vulnerability detection and change management procedures. The large majority of our processes integrate automated security checks to identify vulnerabilities before they are ever introduced to production.
Aumni employs security and availability monitoring tools to detect suspicious or anomalous activity. For example, if an employee or customer logs in from two different locations where travel is impossible, our security team is immediately alerted. All alerts are acted upon in a timely manner. Additionally, we ensure that our assets in the cloud use hardened images (i.e., secure configurations) prior to deployment.
We deploy robust tooling to protect our perimeters: we use a zero-trust model for our endpoints (i.e., employee computers), and our web application is protected by a web application firewall that monitors for anomalous and suspicious activity. Our cloud infrastructure deploys firewall IDS/IPS capabilities.