Horangi Warden Named a Leader in G2 Winter 2023 Grid Reports in Cloud Security
logo

EN

Products +

Services +

Customers +

Partners +

Resources +

Security

Horangi continuously manages a robust security program to oversee and secure customer data. Using the CIA triad (Confidentiality, Integrity and Availability) as the core principles of Horangi’s security infrastructure, the Internal Security Team, led by the VP of Internal Security, maintains, updates, and implements the strictest security policies to govern processes that safeguard the data collected and handled in the provision of Horangi’s services and products.

Secure Infrastructure

Horangi hosts Warden, our flagship CSPM tool, in Amazon Web Services (AWS) data centers to ensure continual product availability. AWS is an industry leader in the provision of cloud infrastructure that complies with ISO 27001 and SOC 2 Type II standards. 

Warden operates within Horangi’s private network inside our cloud platform, and we located the servers and network ports behind load balancers and a secure VPN architecture.

We protect and ensure the safety of our infrastructure with rigorous testing regimes, including automated scanning and engaging third-party vendors to provide independent, unbiased validations on security and compliance.

We ensure all data is encrypted both in transit and at rest. Horangi uses industry-standard encryptions Transport Layer Security (TLS) or Secure Socket Layer (SSL) to protect your data in transit. 

Personal data is encrypted with industry-standard encryption algorithms.

Horangi practices defense-in-depth by implementing a combination of technical, physical, and logical safeguards to enforce security controls over personal data in our possession or under our control. Horangi uses AWS Key Management Services for database encryption and secure key management.

Securing our Employees

Part of Horangi’s culture is cultivating and embedding a security mindset across the organization.

Employees undergo security awareness training during their onboarding process, and undergo refresher training annually. The security syllabus was developed and continuously updated by in-house consultants, and includes topics that address current threats and scams, email security, and awareness of security when working remotely.

Access Management

Horangi adheres to the principle of least privilege.

We review employees' access rights regularly to ensure that only the necessary access levels are granted for them to perform their work effectively and productively. 

Access to online applications and endpoints is managed centrally with a cloud directory solution, and access to core systems is centrally managed with SSO. Horangi employs an EDR solution that enforces security configurations and protection for all company-owned devices.

Third-party Validation

Horangi regularly conducts continual assessments to identify and fix security vulnerabilities in our product and infrastructure. We employ third-party vendors to perform penetration testing and corporate infrastructure security assessments and audits, such as the annual SOC 2 Type II audit.

More From Horangi Trust Center