Atlan has adopted global industry standards in security practices and solutions. These include:
- Amazon S3 server-side encryption secures the S3 bucket launched by Atlan. We use AES-256 as the SSE algorithm in the S3 bucket.
- All the EBS (Elastic Block Storage) launched by Atlan is encrypted. Atlan uses encrypted storage classes to provision persistent volumes to the microservices running inside the Kubernetes cluster.
Atlan also carries out:
- Vulnerability management through frequent releases. Atlan makes weekly releases to minimize vulnerability at a product and operating system level.
- Application Penetration Testing (APT). Atlan works with AppSecure to conduct industry standard APT. A penetration test is an authorized simulated cyber attack on a computer system, performed to evaluate the security of the system. The test is performed to identify both weaknesses (including the potential for unauthorized parties to gain access to the system's features and data) and strengths, enabling a full risk assessment to be completed.
- Event logging and monitoring: Atlan has many tools to support monitoring and event logging:
- Prometheus and Grafana for monitoring
- Fluent Bit and Loki for event logging
