Security You Can Trust
AirMap employs a wide range of security controls in order to mitigate the risk of vulnerabilities. A few of the security controls in place are a 24/7 Security Operations Center which includes an Intrusion Detection System, Log Analysis, and a Web Application Firewall; Penetration Testing & Vulnerability Assessments, Content Delivery Network, and Data Security Controls.
24/7 Security Operations Center (SOC)
AirMap has security personnel monitor our intrusion detection system, conduct log analysis, and review findings from our web application firewall 24 hours a day, 7 days a week, 365 days a year.
Servers log all activities that happen and these activities provide clues about if/when a security incident has occurred. AirMap’s log analysis pulls all of the logs from all of our products’ servers. All of these logs are combed for clues about security incidents both automatically and manually.
Penetration Tests & Vulnerability Assessments
AirMap conducts offensive attacks on our applications, computer systems, and network to try to find security weaknesses. Any weaknesses AirMap finds are quickly fixed and remediated. This testing allows AirMap to think like an attacker and ensure the risk of vulnerabilities in our systems are mitigated so that we can provide accurate, reliable, and secure information and services.
Content Delivery Network (CDN)
AirMap uses a content delivery network to help with Denial-of-Service (DoS) attacks. This helps ensure that our services and data are highly available.
Intrusion Detection System (IDS)
AirMap’s intrusion detection system monitors our products’ network and system (servers) for malicious behavior or violations of policy. Intrusions are reported to a Security Operations Center (SOC) operator so they can investigate further and take action based on our documented incident response plan.
Web Application Firewall (WAF)
AirMap’s Web Application Firewall (WAF) looks for attacks on our software applications and APIs. The WAF will find application attacks that are meant to take over a system, pull information from a database, and attack other users of the software. The WAF will help prevent these attacks from being successful.
3rd Party Vulnerability Assessments
In addition to conducting vulnerability assessments, AirMap also has independent third-parties conduct vulnerability assessments as well. This helps remove AirMap’s bias and provides assurances that AirMap is taking the necessary and expected steps to mitigate all security risks.
AirMap takes data security and privacy seriously. We go above and beyond data privacy laws by ensuring that only the strongest cryptographic algorithms are selected for both data in transit and data at rest.