A FedRAMP Compliant Platform Out The Gate

Every step of the alumniEX journey from operations to code are aligned to the highest standards. Security is not just how we protect your data, it’s how we plan for the worst, react to new vulnerabilities and make no assumptions.

alumniEX maintains a public Bug Bounty program and works hand-in-hand with our customers and partners as a team, with full transparency to maintain a mature and robust security posture. We invite our customers to undertake their own penetration testing and audit against our organization and openly review our procedures, documentation and code pipelines to provide the most diverse viewpoints and opportunities for improvement.

  • Least Privilege / Zero Trust Architecture
  • Single Tenant AWS IaaS
  • Alignment to NIST 800:53
  • Quarterly Penetration Tests & Bug Bounty Program
  • User First Data Processing (GDPR)

How We Build & Deploy

How our ideas end up in production is a critical component of our Security Program. Customers must have visibility into the DevSecOps factory and the opportunity to be included in the notifications, documentation and impact around significant changes. A commitment to transparency is letting our customers see the code journey.

The alumniEX DevSecOps Team takes this a step further by integrating and automating the enforcement of preventive, detective, and responsive security controls into the pipeline. Using a best practices framework from AWS to include a number of AWS services and third-party tools to address the security controls.

How We Watch

The objective of a continuous monitoring program is to determine if the complete set of planned, required, and deployed security controls within an information system or inherited by the system continue to be effective over time in light of the inevitable changes that occur. Continuous monitoring is an important activity in assessing the security impacts on an information system resulting from planned and unplanned changes to the hardware, software, firmware, or environment of operation (including threat space).