Trust & Security for alumniEX is the foundation of our operating practice, it defines our thinking, designing, developing, delivering and watching.
The alumniEX solution is built in compliance with NIST 800-53 (FedRAMP Moderate Controls) which explicitly defines the boundary that we store, process or manage your data in and how at all times that data travels and can be accessed.
Every step of the alumniEX journey from operations to code are aligned to the highest standards. Security is not just how we protect your data, it’s how we plan for the worst, react to new vulnerabilities and make no assumptions.
alumniEX maintains a public Bug Bounty program and works hand-in-hand with our customers and partners as a team, with full transparency to maintain a mature and robust security posture. We invite our customers to undertake their own penetration testing and audit against our organization and openly review our procedures, documentation and code pipelines to provide the most diverse viewpoints and opportunities for improvement.
How our ideas end up in production is a critical component of our Security Program. Customers must have visibility into the DevSecOps factory and the opportunity to be included in the notifications, documentation and impact around significant changes. A commitment to transparency is letting our customers see the code journey.
The alumniEX DevSecOps Team takes this a step further by integrating and automating the enforcement of preventive, detective, and responsive security controls into the pipeline. Using a best practices framework from AWS to include a number of AWS services and third-party tools to address the security controls.
