Summary:
This article describes how the BrynQ infrastructure is protected with firewalls, malware protection, intrusion detection, logging, and regular penetration tests.
BrynQ infrastructure security overview
Salure operates a secure infrastructure for BrynQ with several layers of technical measures. These are designed to prevent attacks, detect suspicious activity, and provide evidence for incident investigations.
Network and perimeter security
All BrynQ servers and software packages are placed behind a managed firewall that is automatically updated and has a backup unit for emergencies.
The firewall in the BrynQ architecture filters incoming and outgoing traffic and includes Intrusion Detection and Prevention.
A reverse proxy behind the firewall routes requests to the correct internal server and hides internal details from the outside world.
There are controls for network security management, security of network services, and segmentation of networks.
Malware protection and intrusion detection
Specialized malware protection detects and blocks malicious software; it is updated every hour from trusted sources.
An Intrusion Detection System (IDS) monitors attacks; IP addresses that show risky behavior are blocked automatically.
These tools are supported by procedures and technical vulnerability management.
Logging, monitoring, and SIEM integration
Salure records extensive logs and offers an audit trail that customers can consult. Suspicious activities, such as many failed logins or password changes, trigger alerts.
Logs of API transactions and other events can be sent to central logging solutions such as a SIEM platform or Microsoft Azure log services.
There are controls for event logging, log protection, and audit considerations.
Penetration testing and technical reviews
Salure regularly orders external penetration tests, covering both the infrastructure and the full software code.
Found weaknesses are fixed and then retested by the same external party to confirm they are solved.
There are measures for technical compliance reviews and management of technical vulnerabilities.
Procedure:
When you perform a vendor evaluation, use the “Network and perimeter security” section to explain how firewalls and network segmentation protect the platform.
Use “Malware protection and intrusion detection” to answer questions about how attacks and malware are detected and blocked.
Use “Logging, monitoring, and SIEM integration” to decide which logs you want from BrynQ in your own SIEM.
Use “Penetration testing and technical reviews” if your organization needs proof of testing, and request recent test summaries from Salure if needed.
Record these points in your internal security documentation or vendor risk register.
Additional Information:
Infrastructure measures are linked to Salure’s ISO 27001 certification, which covers the development of software and Business Intelligence services such as BrynQ.