docs/cloud/features/security/security.md
Lines changed: 3 additions & 0 deletions
@@ -44,6 +44,8 @@ Below you will find a few examples of our interal code requirements.
44
44
- Each commit to main is approved by someone different than the author.
45
45
- We follow the standard of signing commits and then registering the key with GitHub. [Github Docs](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
46
46
- Binary is signed using cosign and OIDC for keyless. [Signing docs](https://docs.sigstore.dev/cosign/signing/overview/)
47
+
- Encryption is a key feature of our security posture as well. This is enforced at each stage of access. For example, the state database automatically encrypts all data. Credentials are also securely encrypted and stored.
48
+
- We backup each state database nightly as well as before upgrades. These are stored indefinitely.
47
49
48
50
49
51
## Physical Property
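Review bot: The new encryption bullet (new line 47) does not say what is actually guaranteed: it names no scope (at rest, in transit, or both), no algorithm and no key management, and unlike the commit-signing and cosign bullets above it, it links to no documentation. Suggest stating those details or linking to the relevant doc, and dropping "securely" from "securely encrypted and stored", which adds nothing. In the backup bullet (new line 48), "backup" used as a verb should be "back up", and "These are stored indefinitely" should say whether the backups are encrypted like the live state database and who can read them, since an unbounded set of copies widens the exposure of the same data. Both bullets also sit in the list introduced as code requirements although they describe data handling; consider moving them under their own heading.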
@@ -63,3 +65,4 @@ Revoke access for the GitHub user account associated with the compromised key an
63
65
- Mandatory lock screen after a timeout
64
66
- We have a procedure for the disposal of an IT asset to mitigate keys being compromised through inappropriate disposal
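Review bot: The header `@@ -63,3 +65,4 @@` counts one added line, but no added text is visible around the lock-screen and disposal bullets, so the change here appears to be whitespace only. If that is unintended, drop it from this commit; if it is deliberate, say so in the commit message so that the third addition is accounted for.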