Security

We know that intellectual property is fundamental to how our customers build value in their businesses. Protecting customer data is critical. We place security at the core of everything we do, ensuring that data protection is theprimary consideration across every portion of our platforms.

  • We build our platforms on Amazon Web Services (AWS) cloud infrastructure and fully leverage all the protections it has to offer (e.g.99.999999999% (11 9’s) durability for all file storage)
  • All data are highly encrypted (AES-256) wherever possible, both when data are ‘in transit’ and ‘at rest’
  • We use a dedicated Virtual Private Cloud environment per customer to ensure your data are isolated and secured at all times
  • We operate in multiple data centers across the globe for purposes of resiliency and disaster recovery
Layered security

Physical/Infrastructure Security

Catalytic leverages carefully selected third-party infrastructure, assuring that customer data and the data assets stored or processed are protected by leveraging Amazon Web Services (AWS) for all web applications and customer data. AWS infrastructure is ISO-27001 certified and AWS has completed audits for SOC 1 (formerly SSAE 16/ISAE 3402), SOC 2, and SOC 3. We operate across multiple data centers to ensure resiliency and for disaster recovery.

Application Security

Our applications undergo routine comprehensive assessments by third-party organizations to ensure the highest levels of protection against known security vulnerabilities, common security penetration techniques, and software development pitfalls. We practice secure development and testing methodologies and use encryption to safeguard customer data both in transit and at rest. To validate our source code and third-party libraries and software, we use multiple tools including Veracode for source code security analyses, Clair for vulnerability analysis of our Docker containers, and Alert Logic for 24/7 security monitoring.

Network Security

We use multiple layers of network and operational protection to ensure customer data is continuously protected. Each customer has a dedicated virtual private cloud environment to ensure that your users and data are isolated and secured at all times. We use the techniques of both isolation and least privilege to ensure maximal security for each customer.

Questions or Comments

If you have any questions, comments, or concerns regarding the security ofthe Catalytic Platform, please contact us by clicking here.