3rd Party Penetration Testing

Wiredrive uses a top tier web security company to complete manual penetration testing of the entire Wiredrive application, starting in October 2013. The same company also tests when new features are released that could potentially cause security related regressions. They also run continuous automated tests of the entire application. Quarterly reports are available to customers upon request. In addition, several Wiredrive clients have run their own 3rd party tests as part of their evaluation process.

Static Code Scans

As part of the SDLC (Software Development Life Cycle), Wiredrive runs a static code scan daily. This help identify potential vulnerabilities long before the code is pushed to the production environment. Please see the case study published with our vendor Checkmarx.

Hosting and Cloud Providers

The Wiredrive application is runs in multiple SOC2 compliant data centers including AWS.

Password Encryption

All passwords are encrypted and stored in the database using modern cryptography according to OWASP best practices.

Supported SSL Encryption Level

Top priority is given to modern encryption implementations of AES 256 and 128-bit ciphers. Fallback is provided for situations where a browser supporting the latest features is unavailable. We have full coverage for Forward Secrecy on browsers which support it.