Security
Last updated
Was this helpful?
Last updated
Was this helpful?
GMetri goes through stringent VAPT (Vulnerability and Penetration Testing) to ensure its Security is up to the mark.
This follows a well-documented security testing procedure that covers all major security standards around the globe including OWASP, SANS, CERT, PCI and ISO27001.
Apart from this GMetri also allows SAML based SSO, along with , to be integrated with the Metaverse experiences, adding an additional layer of security.
Encryption in transit protects the data if communication is intercepted while the data moves between the consumer and the service provider.
All GMetri endpoints have a forced redirect to https:// protocol, ensuring all data in transit remains protected.
All non-public endpoints are authenticated and authorized using JWT tokens sent in request headers.
GMetri uses a TLS 1.2 certificate with a RSA 2048 bits key for its SSL encryption.
This policy lists the measures taken against the usability of the data in the case of a data breach. Data encryption at rest ensures that the data is unusable in such a case.
All data stored in S3 is encrypted at rest using the AES-256 algorithm using SSE-S3 keys as described here: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html