Vectice Docs
API Reference (Latest)Vectice WebsiteStart Free Trial
Latest
Latest
  • 🏠Introduction
    • Vectice overview
      • Autolog
      • Next-Gen Autolog [BETA]
      • AskAI
      • Vectice for financial services
  • 🏁Quickstart
    • Getting started
    • Quickstart project
    • Tutorial project
    • FAQ
  • ▶️Demo Center
    • Feature videos
  • 📊Manage AI/ML projects
    • Organize workspaces
      • Create a workspace
      • Workspace Dashboard
    • Organize projects
      • Create a project
      • Project templates best practices
    • Invite colleagues
    • Define phase requirements
    • Collaborate with your team
  • 🚀Log and Manage Assets with Vectice API
    • API cheatsheets
      • Vectice Python API cheatsheet
      • Vectice R API cheatsheet
    • Connect to API
    • Log assets to Vectice
      • Autolog your assets
      • Log datasets
      • Log models
      • Log attachments and notes
      • Log code
      • Log a custom data source
      • Log assets using Vectice IDs
      • Log dataset structure and statistics
      • Log custom metadata in a table format
      • Log MLFLow runs
    • Retrieve assets from app
    • Manage your assets
    • Manage your iteration
    • Preserve your code and asset lineage
  • 🤝Create Model documentation and reports
    • Create model documentation with Vectice Reports
    • Streamline documentation with Macros
    • Auto-document Models and Datasets with AskAI Prompts
    • Document phase outcomes
  • 🗂️Admin Guides
    • Organization management
    • Workspace management
    • Teams management
    • User management
      • User roles and permissions
      • Update a user role in your organization
      • Activate and deactivate users
      • Reset a user's password
    • Manage report templates
  • 🔗Integrations
    • Integrations Overview
    • Integrate Vectice with your data platform
  • 💻IT & Security
    • IT & Security Overview
    • Secure Evaluation Environment Overview
    • Deployment
      • SaaS offering (Multi-Tenant SaaS)
      • Kubernetes self-hosted offering
        • General Architecture & Infrastructure
        • Kubernetes on GCP
          • Appendices
        • Kubernetes on AWS
          • Appendices
        • Kubernetes on Azure
          • Appendices
        • GCP Marketplace deployment
        • On premise
        • Configuration
      • Bring Your Own LLM Guide
    • Data privacy
    • User management
    • SSO management
      • Generic SAML integration
      • Okta SSO integration
    • Security
      • Data storage security
      • Network Security
        • HTTPS communication
        • Reverse proxy
        • CORS/CSRF
        • VPC segregation
      • Sessions
      • Secrets and certificates
      • Audit logs
      • SOC2
      • Security updates
      • Best practices
      • Business continuity
    • Monitoring
      • Installation guide
      • Customizing the deployments
    • Maintenance & upgrades
    • Integrating Vectice Securely
  • ⭐Glossary
    • Concepts
      • Workspaces
      • Projects
        • Setup a project
      • Phases
      • Iterations
        • Iterative development
      • Datasets
        • Dataset resources
        • Dataset properties
        • Dataset lineage and versions
      • Models
      • Reports
  • 🎯Release notes
    • Release notes
  • ↗️References
    • Vectice Python API Reference
    • Vectice R API Cheatsheet
    • Notebooks and code samples
    • Vectice website
Powered by GitBook
On this page
  • National Institute of Standards and Technology (NIST) Cybersecurity Framework
  • OWASP
  • Code static analysis
  • Disaster recovery event
  • Pen test
  • Security review

Was this helpful?

  1. IT & Security
  2. Security

Best practices

We take a comprehensive approach to safeguarding your data and ensuring the reliability of our systems. Here's an overview of the best practices we follow to keep your information protected:

National Institute of Standards and Technology (NIST) Cybersecurity Framework

We adhere to the NIST Cybersecurity Framework, a robust set of guidelines developed by the U.S. government. This framework provides a structured approach to identify, protect, detect, respond to, and recover from cybersecurity threats. By following these guidelines, we ensure our security practices are aligned with recognized industry standards.

OWASP

The Open Web Application Security Project (OWASP) Top 10 is a well-established list of the most critical web application security risks. We actively address these vulnerabilities by implementing security measures that mitigate the risks associated with common attack vectors like injection attacks, broken authentication, and insecure direct object references.

Code static analysis

We incorporate code static analysis tools, such as SonarQube, into our development process. These tools scan our codebase for potential security flaws, coding errors, and vulnerabilities before the code is deployed. This proactive approach helps us identify and fix issues early on, preventing them from reaching production environments.

Disaster recovery event

We have a comprehensive disaster recovery plan to ensure business continuity in the event of an unforeseen incident. This plan outlines procedures for data restoration, system recovery, and minimizing downtime. We regularly test and update this plan to guarantee its effectiveness in a real-world scenario.

Pen test

We engage in annual penetration testing, where ethical hackers simulate real-world attacks to identify weaknesses in our systems and applications. This proactive approach helps us discover and address vulnerabilities before malicious actors can exploit them.

Security review

Our security posture is continuously evaluated through internal security reviews. These reviews thoroughly examine our security controls, policies, and procedures to ensure their effectiveness. Additionally, we may engage external security auditors to provide an independent assessment of our security practices.

PreviousSecurity updatesNextBusiness continuity

Last updated 1 year ago

Was this helpful?

See for details on security updates.

💻
our dedicated page