Security Features of Callpilot

Last Updated: 6.30.2022


Security Summary


  • Secure Coding Practices:

    • All source code is stored securely on GitLab

    • Validating all inputs before accepting them, to maintain data integrity

    • HTML-encoding user-supplied input before it is rendered, to prevent XSS attacks (using the underlying web framework's encoders)

    • Builds are kept at zero code warnings

    • Segregating configuration/secrets/passwords per environment

    • Storing secrets in Azure Key Vault with restricted access

    • Secret access only through Managed Identities (a password-less way to reach Key Vault, so no vault credential has to be stored with the application)

    • No secrets are cached in raw form in the application. Cached secrets are kept encrypted by a data protection layer and are decrypted only when needed. The data protection uses a 2048-bit RSA key

    • Using authorization access policies to restrict/allow access to resources

    • Azure resource access is restricted by using Role Based Access Control (RBAC)

    • Any new code merged must be added via pull request

    • At least one other developer must code review and approve before the merge

  • Deployment Security Practices:

    • Only a limited subset of employees act as administrators

    • Sandbox environment: an isolated test environment that closely mimics production, populated with redacted values, is used for testing

    • Using staging slots during deployment to reduce downtime

    • Approval is required for deployment to higher environments

    • An Azure deployment pipeline is used for code deployments, with access restricted to a small number of users

    • Secret/password management is automated wherever required

    • PaaS services are used so that emergency platform patching is handled by Azure, reducing the risk of patches not being applied on time

    • All external packages are thoroughly reviewed before use

    • Planning to use static analysis tools such as CodeSonar to check the code and external packages for known risks

  • Multitenancy

    • User data is partitioned by Tenant ID, and our custom data-access framework adds the Tenant ID to every query by default, so tenant scoping does not rely on each developer remembering to include it

    • Survey videos are saved in a separate storage container for each tenant
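The Secure Coding Practices above state that secrets are never cached in raw form and that the cached copies are protected with a 2048-bit RSA key. The Python below is an added illustration of that pattern; it is not Callpilot's code, and the product's own data-protection layer is not shown. It uses the `cryptography` package, a freshly generated RSA-2048 key standing in for the key the service would hold in Key Vault, and a constructed dictionary (`FAKE_VAULT`) standing in for a Key Vault lookup made with a Managed Identity credential. The cache holds only RSA-OAEP ciphertext; plaintext exists only in the value a caller receives from `get()`.

```python
from typing import Any, Dict

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

# RSA-OAEP with SHA-256: the standard padding for wrapping small payloads with RSA.
_OAEP = padding.OAEP(
    mgf=padding.MGF1(algorithm=hashes.SHA256()),
    algorithm=hashes.SHA256(),
    label=None,
)


class ProtectedSecretCache:
    """Keeps fetched secrets only as RSA-OAEP ciphertext; plaintext is produced on demand."""

    def __init__(self, key: rsa.RSAPrivateKey) -> None:
        if key.key_size < 2048:
            raise ValueError("data protection key must be at least 2048 bits")
        self._key = key
        self._store: Dict[str, bytes] = {}

    def max_plaintext_len(self) -> int:
        # OAEP limit: modulus bytes minus 2*hash_len minus 2 (190 bytes for RSA-2048/SHA-256).
        return self._key.key_size // 8 - 2 * hashes.SHA256().digest_size - 2

    def put(self, name: str, plaintext: str) -> None:
        data = plaintext.encode("utf-8")
        if len(data) > self.max_plaintext_len():
            # Fail loudly instead of truncating; longer payloads need a hybrid scheme.
            raise ValueError(f"secret {name!r} is too long for direct RSA-OAEP wrapping")
        self._store[name] = self._key.public_key().encrypt(data, _OAEP)

    def get(self, name: str) -> str:
        # Decrypt only at the point of use; nothing in plaintext stays in the cache.
        return self._key.decrypt(self._store[name], _OAEP).decode("utf-8")

    def ciphertext(self, name: str) -> bytes:
        return self._store[name]


# Constructed stand-in for a Key Vault lookup (assumed names and values). A real service
# would call the vault with a Managed Identity credential instead of reading a dict.
FAKE_VAULT = {"db-password": "s3cr3t-Pa55word!", "api-key": "ak_constructed_example_value"}


def demo() -> Dict[str, Any]:
    # A fresh key here; in production the private key itself belongs in Key Vault or an HSM.
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    cache = ProtectedSecretCache(key)
    for name, value in FAKE_VAULT.items():
        cache.put(name, value)

    blob = cache.ciphertext("db-password")
    try:
        cache.put("oversized", "x" * 500)
        too_long_rejected = False
    except ValueError:
        too_long_rejected = True

    return {
        "roundtrip": cache.get("db-password"),
        "plaintext_in_cache": FAKE_VAULT["db-password"].encode() in blob,
        "ciphertext_len": len(blob),
        "max_plaintext_len": cache.max_plaintext_len(),
        "too_long_rejected": too_long_rejected,
    }


if __name__ == "__main__":
    print(demo())
```

RSA-OAEP with SHA-256 and a 2048-bit key wraps at most 190 bytes, which covers passwords and most connection strings; the example rejects anything longer rather than truncating it, and a longer payload would need a hybrid scheme (a random AES key wrapped by RSA). Once secrets are cached this way, the RSA private key is the one secret that matters, so it should live in Key Vault as a key or certificate rather than on disk beside the application.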
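The Multitenancy section describes a custom framework that adds the Tenant ID to every query so developers cannot forget it. As an added example, not Callpilot's framework, the Python class below sits over sqlite3 and shows one way to get that property: the tenant comes from a request-scoped context variable, every SELECT gets `tenant_id = ?` prepended with the caller's own filter parenthesised, INSERTs are stamped with the bound tenant and refuse a caller-supplied tenant_id, and a request with no tenant bound fails closed. The table, columns and sample rows are constructed for the example.

```python
import re
import sqlite3
from contextvars import ContextVar
from typing import Any, Dict, List, Optional, Tuple

# Tenant bound to the current request. Auth middleware would set this from the
# validated token; the query layer below never runs without it.
current_tenant: ContextVar[Optional[str]] = ContextVar("current_tenant", default=None)

_IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")  # allow-list for table/column names


class TenantScopedDb:
    """Data-access layer that adds the tenant predicate itself, so callers cannot omit it."""

    def __init__(self, conn: sqlite3.Connection, tenant_tables: set) -> None:
        self._conn = conn
        self._tenant_tables = tenant_tables  # tables that carry a tenant_id column

    def _tenant(self) -> str:
        tenant = current_tenant.get()
        if tenant is None:
            # Fail closed: an unbound request gets no rows, not every tenant's rows.
            raise PermissionError("no tenant bound to the current request")
        return tenant

    def _check_identifiers(self, table: str, columns: Tuple[str, ...]) -> None:
        if table not in self._tenant_tables:
            raise ValueError(f"{table!r} is not a tenant-scoped table")
        for col in columns:
            if col != "*" and not _IDENT.match(col):
                raise ValueError(f"bad column name {col!r}")

    def select(self, table: str, columns: Tuple[str, ...] = ("*",),
               where: str = "", params: Tuple[Any, ...] = ()) -> List[tuple]:
        self._check_identifiers(table, columns)
        # Tenant predicate first, caller's filter parenthesised: a filter such as
        # "1=1 OR tenant_id = ?" cannot widen the scope past the bound tenant.
        sql = f"SELECT {', '.join(columns)} FROM {table} WHERE tenant_id = ?"
        if where:
            sql += f" AND ({where})"
        return self._conn.execute(sql, (self._tenant(), *params)).fetchall()

    def insert(self, table: str, row: Dict[str, Any]) -> None:
        self._check_identifiers(table, tuple(row))
        if "tenant_id" in row:
            raise ValueError("tenant_id is stamped by the framework, not supplied by callers")
        cols = ("tenant_id", *row)
        placeholders = ", ".join("?" for _ in cols)
        sql = f"INSERT INTO {table} ({', '.join(cols)}) VALUES ({placeholders})"
        self._conn.execute(sql, (self._tenant(), *row.values()))


def build_sample_db() -> sqlite3.Connection:
    """Constructed sample data: two tenants sharing one surveys table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE surveys (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, title TEXT NOT NULL)"
    )
    conn.executemany("INSERT INTO surveys (tenant_id, title) VALUES (?, ?)", [
        ("acme", "Onboarding feedback"),
        ("acme", "Q2 pulse"),
        ("globex", "Exit interview"),
    ])
    return conn


def demo() -> Dict[str, Any]:
    db = TenantScopedDb(build_sample_db(), tenant_tables={"surveys"})
    out: Dict[str, Any] = {}

    token = current_tenant.set("acme")
    try:
        out["acme_titles"] = sorted(t for (t,) in db.select("surveys", ("title",)))
        # A developer-written filter that tries to reach another tenant's rows.
        out["widen_attempt"] = sorted(t for (t,) in db.select(
            "surveys", ("title",), where="1=1 OR tenant_id = ?", params=("globex",)))
        db.insert("surveys", {"title": "New hire check-in"})  # stamped with tenant acme
        out["acme_rows_after_insert"] = len(db.select("surveys"))
        try:
            db.insert("surveys", {"tenant_id": "globex", "title": "Smuggled"})
            out["cross_tenant_insert"] = "allowed"
        except ValueError:
            out["cross_tenant_insert"] = "rejected"
    finally:
        current_tenant.reset(token)

    token = current_tenant.set("globex")
    try:
        out["globex_titles"] = sorted(t for (t,) in db.select("surveys", ("title",)))
    finally:
        current_tenant.reset(token)

    try:  # no tenant bound at all
        db.select("surveys")
        out["unbound_request"] = "allowed"
    except PermissionError:
        out["unbound_request"] = "denied"
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The two checks worth keeping in mind when reviewing any such layer are the ones the demo exercises: a caller-controlled WHERE fragment must not be able to OR its way past the tenant predicate, and a request that reaches the data layer without a tenant must get an error rather than an unfiltered result.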