RevSure.AI Inc
RevSure.AI Inc. is dedicated to protecting its information assets and ensuring a secure operating environment for all employees and third-party partners. Our commitment to security extends through established policies designed to mitigate risks associated with information security incidents. During our operations, we adhere to industry standards and continuous review to effectively respond to evolving threats.
Product Security
Audit Logging
Comprehensive logging practices ensure visibility into actions taken within our applications.
Integrations
All integrations undergo security assessments to ensure compliance with our standards.
Security Contact
A designated security contact is established for inquiries and incident reporting.
Multi Factor Authentication
MFA is enforced for all user access to enhance security measures.
Role Based Access Control
Access control is based on defined roles to restrict data access effectively.
SSO support
Single Sign-On (SSO) capabilities are implemented to streamline secure access to applications.
Reports
Pen Test Report
Outcomes of penetration tests are documented and used to inform security improvements.
Architecture Diagram
Up-to-date architecture diagrams reflect the security posture of our systems.
Certifications
We maintain relevant certifications that demonstrate our commitment to security best practices.
Data Security
Access Monitoring
We employ continuous access monitoring to ensure compliance with access control policies and detect unauthorized access promptly.
Backups
Regular backups are performed and securely stored to ensure that critical data can be recovered in the event of any incident.
Encryption
All sensitive data both at rest and in transit is encrypted using recognized standards (e.g., AES-256) to prevent unauthorized access.
Physical Security
Physical security measures, such as biometric controls and surveillance systems, are in place to protect our facilities and access points.
App Security
Code Analysis
We perform static code analysis throughout the development lifecycle to identify vulnerabilities early and ensure adherence to secure coding practices.
Secure Development Practices
Our development process mandates secure coding standards, peer reviews, and rigorous test cycles to safeguard applications against vulnerabilities.
Web Application Firewall
We have implemented a Web Application Firewall (WAF) to filter and monitor HTTP traffic to and from our applications, ensuring protection against common web exploits.
Privacy Policy
Our privacy policy outlines our commitment to data protection in compliance with GDPR and other regulations, detailing how we collect, use, and safeguard personal data.
Terms of Service
The terms of service lay out user expectations and responsibilities, including compliance with our security protocols.
Subprocessors
We conduct thorough due diligence and ensure compliance agreements with subprocessors that handle personal data.
Data Processing Agreement
Agreements with subprocessors include data processing terms that align with our data protection commitments.
Access Control
Data Access
Access is granted based on a principle of least privilege, ensuring users only have access to data necessary for their roles.
Logging
Comprehensive logging of user access and actions is maintained to support auditing and incident response.
Password Security
Password policies enforce the use of strong, unique passwords and regular updates to ensure account protection.
Infrastructure
Anti DDoS
DDoS protection mechanisms are in place to defend against distributed denial of service attacks.
Business Continuity and Disaster Recovery
Comprehensive plans are in place to ensure business continuity and recovery from incidents.
Infrastructure Security
Regular assessments and reviews ensure the security and integrity of our infrastructure.
Cloud Infrastructure Provider
We utilize reputable cloud service providers that comply with industry standards and security certifications.
Separation between Production and non-production
Strict segregation is maintained between production and non-production environments to mitigate risks.
Endpoint Security
Disk Encryption
All company-issued devices utilize disk encryption to protect sensitive data from unauthorized access.
MDM
Mobile Device Management (MDM) solutions are deployed to secure and manage mobile devices that access company resources.
Threat Detection
Advanced threat detection systems monitor our environment for anomalies and respond to potential threats in real-time.
Network Security
Real time security and events management
We employ Security Information and Event Management (SIEM) systems for real-time monitoring and alerting on network security events.
Zero Trust
Our network security strategy adopts a Zero Trust model, ensuring verification for every request regardless of the source.
Corporate Security
Email protection
Anti-phishing and spam filters are in place to protect against email threats.
Employee Training
Regular security awareness and training sessions are conducted to empower employees to recognize and respond to security threats.
Incident Response
A documented incident response plan outlines the steps for effectively managing and reporting security incidents.
Internal Assessments
Periodic internal assessments evaluate our security posture and compliance with policies.
User Account Protection
Multi-Factor Authentication (MFA) is mandated for all user accounts to enhance security.
Penetration Testing
Regular penetration testing is performed to identify and remediate vulnerabilities in our systems.
Security Grades
CryptCheck
https://cryptcheck.fr/https/security.revsure.ai
HSTS Preload List
https://hstspreload.org/?domain=security.revsure.ai
Qualys SSL Labs
https://www.ssllabs.com/ssltest/analyze.html?d=security.revsure.ai
Security Headers
https://securityheaders.com/?q=security.revsure.ai&followRedirects=on
