Security
At CucumberStudio we hope to enable Agile and DevOps teams to collaborate effectively and test continuously with more accuracy. We also recognize that entrusting your applications in our cloud requires a certain degree of trust, which is why we have worked hard to create a platform that allows customers of all sizes to collaborate on their projects without having to worry about security. The privacy of our customers’ testing and data is paramount and the entire service has been built around ensuring we protect both. The following includes details outlining how we continually prioritize security at CucumberStudio to ensure trust for our users.
Application level security
CucumberStudio stores customer passwords in an encrypted format (hashed with bcrypt) and all login information is passed over secure HTTPS connections. We do not store or process any payment information at CucumberStudio.
Network access
HTTPS is used throughout the entire platform, providing a secure, encrypted connection that ensures safety of any data passing through the application. Real time updates utilizes secure web sockets (WSS) as the transport protocol between CucumberStudio servers and the end user’s client, adding an additional layer of security.
Data security
-
CucumberStudio backs up its server data daily and stores them separately from the main servers.
-
CucumberStudio data is portable. You can download your project data from CucumberStudio any time.
-
All our servers encrypt data at rest. The servers can be accessed only through TLS connections.
-
Our infrastructure provider contractually guarantees that when a disk goes to maintenance, all data on it are erased.
-
We might collect certain metrics that help us better understand how our clients use the product. This data doesn’t include personal or sensitive information. We don’t share the collected info with any third parties. Read our Terms of Use and our Privacy Policy for details.
Environment
We use Scalingo services to host CucumberStudio. The data center is located in Paris, France, and operated by 3DS Outscale.
Data center details
- Tier IV+ certified
- ISO/IEC 27001:2013 certified
- ISO 27017: Cloud Security certified
- ISO 27018 : Cloud Privacy Protection certified
- CISPE Code of Conduct and GDPR certified
- Also has SecNumCloud, HDS Health Data Hosting Provider, LUCIE 26000, and other certificates
You can find complete information at the 3DS Outscale website: https://en.outscale.com/.