Safeguard at Amnic

Amnic engineers work hard to ensure that our platform and users are 100% safe. However, nobody’s perfect. Should you encounter a security vulnerability, we want to hear from you.

Looking to report a security concern? Please visit our Responsible Disclosure page. To read more about disclosure policy click here

Safety Protocol Features

Data Security

Amnic encrypts data at rest and in transit for all of our customers.

Application Security

Amnic regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, the running application, and the deployed environment.

Infrastructure Security

Amnic uses Amazon Web Services to host our application. We use the security products embedded within the AWS ecosystem, including GuardDuty.

In addition, we deploy our application using containers run on AWS-managed services, meaning we typically do not manage servers or EC2 instances in production.

Amnic has the following certifications:

  1. SOC 2 Type II - Compliant
  1. ISO 27001 - Compliant
  1. GDPR - Compliant

Permissions

  1. AWS - ReadOnly Permission for Cloud cost usage report & Cloudwatch metrics for compute products

  2. Azure - Readonly Permission for Cloud cost usage report & Azure monitor to read utilisation metrics of various compute products

  3. GCP - Big Query Read-only access to the billing dataset to ready cloud cost usage & GCP monitoring to read utilisation metrics of various compute products

Other Security Measures

  1. We have periodic Vulnerability assessment & penetration testing done by outside auditors.

  2. Real time Infrastructure security monitoring enabled.

  3. Real time Application security monitoring enabled.

  4. Real time compliance monitoring to find any deviation on all our certifications like SOC2/ISO/GDPR

  5. Enterprise grade Web application firewall [WAF] enabled on all our products

  6. Enterprise grade Secure Sockets Layer [SSL] configured

Amnic is fully agentless and does not access any data from customer infrastructure.

Amnic is always open to feedback, questions, and suggestions. If you would like to talk to us, please email us at security@amnic.com