top title background image

Security and Privacy

Joe Security takes security and data privacy very serious. You decide about the deployment model, Cloud or On-Premise and you decide how long something is stored. Apart from Cloud Basic, our community service, Joe Security does not share or use any of your data.

Customer Data Protection

  • Logical or physical Tenant Separation
  • Encryption In-Transit (TLS 1.2, SSL Labs Grad A)
  • Encryption At Rest (AES-128 or AES-256)

Customer Data Control

  • Configurable Data Retention (1 – 30 days max)
  • Secure deletion at any time (manual or via API)
  • Encryption of Analyses with Customer-provided passwords

Cloud Security

  • Redundant Infrastructure (Cloud Pro)
  • DDOS Protection & WAF
  • SSO, 2FA and security log
  • Vulnerability Scanning

Application Security

  • Annual Penetration Testing
  • Vulnerability Scanning

Compliance

  • Joe Security is fully ISO 27001 certified
  • All Data Centers are ISO 27001 certified and located in Europe
  • GDPR compliant (DPA available)

Data Privacy

  • No sharing of analysis reports with third parties
  • No sharing of samples, IOCs or other artifacts with third parties
  • No use of IOCs for threat intelligence or feeds

Sustainability

  • Carbon-neutral datacenters
  • Solar energy powered offices
  • Local carbon offsetting projects