Aspecto Security
We put the protection of our users’ data our top concern by implementing the highest industry standard of security level
Application Security & Aspecto SDK
We provide you with an SDK, based on an open-source called OpenTelemetry (a member of the CNCF), which is implemented at the code level.
According to your authorization, the SDK collects inter-service communication of microservices in the environments they are executed in. We then analyze it, aggregate it and visualize it for you over our platform.
Our platform is a web interface that is being accessed with a dedicated user name and password per user (managed by Auth0 and SSO).
What Data We Collect
You have full control over the data you send us.
You decide which services to monitor, what data to avoid, the amount of data, and on which environments to run Aspecto.
Per each service that is protected by Aspecto, you can decide which specific fields will not be monitored at all, so data from this field would not be collected. You can also define to scramble the data in such fields.
If you choose, Aspecto enables you to define a specific percentage of data to be monitored. This option is controlled by a smart sampling mechanism. The sampling rate can be defined per end-point.
You also get full control over data retention.
To put it into a real-world example, you can set a privacy policy so that for Service X only 1% of traffic will be processed without fields that are associated with PII and that the data will be saved for 7 days.
Aspecto 24/7 Support
We provide 24/7 support for security or technical issues via designated Slack channel, email, and hotline.
Data Security & GDPR Compliance
We know that maintaining privacy compliance is a top concern for your business and do our best to provide you with a well-deserved piece of mind.
To do that, we implement comprehensive data protection and privacy audits of our policies, applications, systems, and networks.
We take into account the measures required by the GDPR and ensure that personal data is stored securely by using modern software that is kept up to date.
Our customers’ data is encrypted both in transit and at rest.
Access to personal data is limited to personnel on a “need to know” basis and appropriate security measures are put in place to avoid unauthorized sharing of information.
We follow strict international standards and regulations to keep your information safe and are SOC 2 Type II certified, as well as HIPAA compliant.
We run a pen-testing check at least annually.
Our Terms and Conditions and Privacy Policy are up-to-date and reflect our GDPR readiness.
Aspecto is SOC2 Type 2 Compliant
SOC 2 compliance is a component of the American Institute of CPAs (AICPA)’s Service Organization Control reporting platform. SOC 2 ensures that we follow strict information security policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of our users’ data.
Data Retention
We implement techniques, systems, and procedures that ensure retention is limited for no longer than needed to provide our services and the level of data sensitivity – days to weeks per feature. You can modify it per your request.
