Skip to main content
All CollectionsHackEDU FAQsTechnical Support
What are HackEDU's Security Controls?
What are HackEDU's Security Controls?

This article outlines HackEDU's security controls and policies.

Rachel Yonan avatar
Written by Rachel Yonan
Updated over a week ago

HackEDU employs a wide range of security controls in order to mitigate the risk of vulnerabilities and protect user data. HackEDU is a SaaS platform that is accessed through a web browser so no software is required to be installed on the users system. Although we will not give full details of all of our security measures in place below are some high level details.

User Security

Users log in using either username/password or single sign on (SSO) using SAML authentication.

Content Delivery Network (CDN)

HackEDU uses a content delivery network to help with Denial-of-Service (DoS) attacks. This helps ensure that our services and data are highly available.

Data Security

HackEDU takes data security and privacy seriously. We go above and beyond data privacy laws (including GDPR and CCPA) ensuring that only the strongest cryptographic algorithms are selected for both data in transit and data at rest. In addition, HackEDU uses a strong data minimization policy and does not collect any personally identifiable information from users beyond email address and IP address.

3rd Party Vulnerability Assessments

In addition to conducting vulnerability assessments, HackEDU also has independent third-parties conduct vulnerability assessments as well. This helps remove HackEDU’s bias and provides assurances that HackEDU is taking the necessary and expected steps to mitigate all security risks.

Continuous Security Monitoring

HackEDU employs AWS Security Hub with monitoring all of HackEDU’s assets 24/7. The alerts and results are triaged by personnel based on the criticality of the alert.

Log Analysis

Servers log all activities that happen and these activities provide information about if/when a security incident has occurred. HackEDU’s log analysis pulls all of the logs from all of our products’ servers. All of these logs are combed for information about security incidents.

Secure SDLC

HackEDU uses a secure Software Development Lifecycle process based on best practices and frameworks. HackEDU requires all developers to take HackEDU’s Secure Development Training.

Did this answer your question?