Cyber Security
Unity has been developed with extreme high security as one of the main focus points. Unity are used by lots of military customers cross US Army, German Army, Danish Army, lots of high profile customers across the aeronautic business all demanding extremely high degree of security.
Unity are monthly being scanned using tools like OWASP, HP Fortifier to constantly make sure that we maintain and keep the high degree of security I our software development.
Unity is today used across a lot of high profile companies linked to the delivered level of security, sample customers is Airbus Defense, Nato, Honeywell, L3Harris, Thales, Boeing...
Our architecture across the different elements are implemented to ensure that the highest degree of security can be delivered and at the same time offer an architecture that ensure that their is full redundancy and scalability to cope with any size of requirements.
Dedicated Server firewalls
Each installed server in the setup are equipped with a dedicated firewall that ensure that only wanted connections can be established between the different servers and also ensure that inly absolutely needed connectivity is made available between the nodes. Firewalls can if needed be monitored in real time allowing our support team to see ongoing sessions and be spotting strange access patterns.
Spending monitoring on package level have several trigger levels that can be enabled or disabled, and also offer the ability to auto suspend a package in case I max trigger is hit – in case of auto suspend will package also automatically be enabled again when entering into a new billing period.
Web Service Security
API Security is the convergence of information assurance, cyber security protection, and identity access control. Unity APIs represent the logical tier of abstraction to enable legacy and modern technologies to connect and integrate. Security is an essential aspect of our business enablement via APIs as this exposes information and access into and out of the information border. Thus, our API has also become the logical point of centralizing API Security processing.
Real-time Access Screening
Any login is validated – multiple failing attempts will have an associated captcha added and repeated failed login or similar patterns will result in auto banning of the source. Login interface are able to be limited to certain locations and are all equipped with SSL to form a tunnel between the browser and the server login.
Username and passwords need to fulfill certain minimum requirements – when a password are entered will it be going through a very strong one way algorithm that mean no user password will be saved directly and a later login will be based on pattern mapping.
ISO 27001 Backup
Our backup environment are installed in a complete ISO27001 security approved environment that offer multilevel security, have iris access scanning and offer multilevel firewall access that only allow own servers to communicate with the setup.
Customer Access
Our frontend nodes are the only ones that can be accessed by external customers, a frontend node only contain the web layout and will parse each single stateless request back to our backend environment – where each single request will be authenticated to make sure that only relevant and needed information will be parsed back through our secure API implementation that are taking place through SSL connectivity. Meaning a frontend don’t have any data linked to users or traffic installed at all – in fact it is not even containing a database or similar.
Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. Our OWASP scanning are monthly testing this on our interfaces to ensure that we keep highest possible level of form security.
Single Sign On (SSO)
Unity can be offered with a SSO solution that allow a single account to be logged in at any given time on a server – if the same account is used while already being logged in will the first login be terminated. Our secure SSO are based on Kerberos authentication combined with multiple different security setup to make sure that we can ensure the needed level of security.
OWASP scanning
We have our own local OWASP installation in Copenhagen where we are performing automated security scan - The OWASP Foundation it was established as a not-for-profit charitable organization in the United States to ensure the ongoing availability for an advanced security scanning software. OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. OWASP advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. More info can be found at www.owasp.org.