Security at Evren
This page provides an overview of the security measures taken by Evren to protect source code, vulnerability data and user data hosted on our platform from unauthorized access. Where relevant, we include links to security guidelines and resources developed by third parties.
Data Storage
Evren's management platform is hosted in the cloud. All data is stored encrypted at rest and continuously backed up securely.
Cloud data centers employ advanced physical, network, and software security measures to ensure the integrity and safety of customers’ data. Additionally, Evren follows all applicable security best practices, such as:
Secure access: Data transferred between Evren servers and other facilities is secured via SSL endpoints using the HTTPS protocol.
Multi-factor authentication: Use of multi-factor authentication is enforced for all critical services used by Evren thus reducing the risk of unauthorized access.
Evren does not store any sensitive customer or end-user data. All user data across systems can be deleted upon request.
Data Transfer
Evren uses a secure channel using 256-bit SSL (Secure Socket Layers) encryption, the standard for secure Internet connections, for all traffic between desktop clients, mobile devices, and our servers. All SSL termination points are hardened to provide the highest levels of security.
Evren uses certificates to ensure secure and short-lived certificates that are automatically renewed every quarter.
Patch Management
Wherever possible, Evren relies on managed services, which automatically and in a timely fashion manage all updates and security fixes.
Evren has an internal Vulnerability Management Policy to ensure all unmanaged systems are kept up-to-date and free of known vulnerabilities.
Secure Coding
Evren uses leading industry standard code validation tools to continuously assess our internal systems for vulnerabilities, we have stringent review policies in place to ensure that all code is checked and validated multiple times via peer review to ensure the best possible experience for our customers.
Incident Response Plan
Evren has an internal Data Breach Response Policy and an Incident Response Plan to ensure timely action in the unlikely event of a breach.
Logging and Monitoring
Both application logs and production system logs are sent in real-time to a centralized logging infrastructure. These logs are not directly accessible outside our organization. Logs do not contain sensitive data, or passwords and are retained for 18 months.
Privacy
For information on our privacy guidelines, please view our privacy policy.
Bug Reporting
We encourage responsible reporting of security vulnerabilities and software bugs. In the case that you found a vulnerability, please report it to InformationSecurity@evren.co and abstain from publicly announcing it before it is fixed. Please note that we discourage attempts to gain illegitimate access to another user’s account or data, compromise the reliability and/or integrity of our services, and use of automated tools to find vulnerabilities.
Our community plays an important role in helping us stay bug-free and secure.
This page provides an overview of the security measures taken by Evren to protect source code, vulnerability data and user data hosted on our platform from unauthorized access. Where relevant, we include links to security guidelines and resources developed by third parties.
Data Storage
Evren's management platform is hosted in the cloud. All data is stored encrypted at rest and continuously backed up securely.
Cloud data centers employ advanced physical, network, and software security measures to ensure the integrity and safety of customers’ data. Additionally, Evren follows all applicable security best practices, such as:
Secure access: Data transferred between Evren servers and other facilities is secured via SSL endpoints using the HTTPS protocol.
Multi-factor authentication: Use of multi-factor authentication is enforced for all critical services used by Evren thus reducing the risk of unauthorized access.
Evren does not store any sensitive customer or end-user data. All user data across systems can be deleted upon request.
Data Transfer
Evren uses a secure channel using 256-bit SSL (Secure Socket Layers) encryption, the standard for secure Internet connections, for all traffic between desktop clients, mobile devices, and our servers. All SSL termination points are hardened to provide the highest levels of security.
Evren uses certificates to ensure secure and short-lived certificates that are automatically renewed every quarter.
Patch Management
Wherever possible, Evren relies on managed services, which automatically and in a timely fashion manage all updates and security fixes.
Evren has an internal Vulnerability Management Policy to ensure all unmanaged systems are kept up-to-date and free of known vulnerabilities.
Secure Coding
Evren uses leading industry standard code validation tools to continuously assess our internal systems for vulnerabilities, we have stringent review policies in place to ensure that all code is checked and validated multiple times via peer review to ensure the best possible experience for our customers.
Incident Response Plan
Evren has an internal Data Breach Response Policy and an Incident Response Plan to ensure timely action in the unlikely event of a breach.
Logging and Monitoring
Both application logs and production system logs are sent in real-time to a centralized logging infrastructure. These logs are not directly accessible outside our organization. Logs do not contain sensitive data, or passwords and are retained for 18 months.
Privacy
For information on our privacy guidelines, please view our privacy policy.
Bug Reporting
We encourage responsible reporting of security vulnerabilities and software bugs. In the case that you found a vulnerability, please report it to InformationSecurity@evren.co and abstain from publicly announcing it before it is fixed. Please note that we discourage attempts to gain illegitimate access to another user’s account or data, compromise the reliability and/or integrity of our services, and use of automated tools to find vulnerabilities.
Our community plays an important role in helping us stay bug-free and secure.
This page provides an overview of the security measures taken by Evren to protect source code, vulnerability data and user data hosted on our platform from unauthorized access. Where relevant, we include links to security guidelines and resources developed by third parties.
Data Storage
Evren's management platform is hosted in the cloud. All data is stored encrypted at rest and continuously backed up securely.
Cloud data centers employ advanced physical, network, and software security measures to ensure the integrity and safety of customers’ data. Additionally, Evren follows all applicable security best practices, such as:
Secure access: Data transferred between Evren servers and other facilities is secured via SSL endpoints using the HTTPS protocol.
Multi-factor authentication: Use of multi-factor authentication is enforced for all critical services used by Evren thus reducing the risk of unauthorized access.
Evren does not store any sensitive customer or end-user data. All user data across systems can be deleted upon request.
Data Transfer
Evren uses a secure channel using 256-bit SSL (Secure Socket Layers) encryption, the standard for secure Internet connections, for all traffic between desktop clients, mobile devices, and our servers. All SSL termination points are hardened to provide the highest levels of security.
Evren uses certificates to ensure secure and short-lived certificates that are automatically renewed every quarter.
Patch Management
Wherever possible, Evren relies on managed services, which automatically and in a timely fashion manage all updates and security fixes.
Evren has an internal Vulnerability Management Policy to ensure all unmanaged systems are kept up-to-date and free of known vulnerabilities.
Secure Coding
Evren uses leading industry standard code validation tools to continuously assess our internal systems for vulnerabilities, we have stringent review policies in place to ensure that all code is checked and validated multiple times via peer review to ensure the best possible experience for our customers.
Incident Response Plan
Evren has an internal Data Breach Response Policy and an Incident Response Plan to ensure timely action in the unlikely event of a breach.
Logging and Monitoring
Both application logs and production system logs are sent in real-time to a centralized logging infrastructure. These logs are not directly accessible outside our organization. Logs do not contain sensitive data, or passwords and are retained for 18 months.
Privacy
For information on our privacy guidelines, please view our privacy policy.
Bug Reporting
We encourage responsible reporting of security vulnerabilities and software bugs. In the case that you found a vulnerability, please report it to InformationSecurity@evren.co and abstain from publicly announcing it before it is fixed. Please note that we discourage attempts to gain illegitimate access to another user’s account or data, compromise the reliability and/or integrity of our services, and use of automated tools to find vulnerabilities.
Our community plays an important role in helping us stay bug-free and secure.