We view security as more than a feature. It is a fundamental aspect of our business and culture through transparency, continuous learning, and a security-first mindset.
By instilling a sense of collective responsibility for security, everyone at Spectro Cloud contributes to our overall security posture. Our dedication to security helps protect your interests and enhances the quality and reliability of our software and services.
All Spectro Cloud employees receive mandatory security training. Our developers receive additional training focused on software security, as they are the first line of defense through secure coding practices, and they complete Open Worldwide Application Security Project (OWASP) Top 10 training to understand, identify and mitigate the most critical security risks and vulnerabilities that affect web applications.
Palette uses a micro services-based architecture, and we take steps to ensure each service is secured. Product functionality is broken down logically into isolated services within containers. Containers are deployed in a Kubernetes cluster, called a management cluster, that Palette hosts and manages in SaaS mode or that users can host and manage in a self-hosted environment. Learn more by reviewing Secure Product Architecture.
Compliance & Standards
We believe adherence to industry standards and regulations is critical to maintaining the highest levels of security for our customers. We ensure our software complies with all relevant laws and regulations, and we continuously evaluate and update our compliance efforts to stay current with emerging regulations and requirements. To learn about our product certifications, check out the Compliance reference.
We list any Common Vulnerabilities and Exposure (CVE) issues that affect Palette or any part of its infrastructure in our Security Bulletins along with the fix applied and any workarounds.
Report Security Issues
Please contact our Security team at firstname.lastname@example.org to report any security issues.