What are your security practices? We do Vendor Security Review (due diligence).
Are you reviewing Knapsack Pro as a prospective business service? Here is information that can be helpful for your Vendor Security Review.
This process requires that you conduct a security review and ensure Knapsack Pro security practices meet industry standards and security best practices. To help you complete your due diligence, we prepared the following information.
Learn about Terms and Conditions of Knapsack Pro service.
Where is Knapsack Pro hosted? What are security standards?
We use Heroku.com as a hosting provider. However, we use Amazon Web Services and their Europe (Ireland)
eu-west-1 data center under the hood.
You can find more information at https://www.heroku.com/policy/security about:
- Security Assessments and Compliance
- Penetration Testing and Vulnerability Assessments
- Network Security
- Data Security
We use Amazon Relational Database Service (RDS) for database storage.
We use SSL whenever you connect with Knapsack Pro API.
Payments Security - PCI compliant payment
We use PCI-compliant payment processor Braintree (BraintreePayments.com) for encrypting and processing credit card payments.
You can verify our PCI compliance here.
What data about your project Knapsack Pro API collects?
We don't have access to your project source code (repository).
Knapsack Pro client libraries gather only a minimal amount of the data about your project during tests runtime. We collect branch name, commit hash, number of parallel nodes you use, test file paths on the disk in your project, and tests execution time. Detailed information can be found here. If you like, you can encrypt your data.