Skip to content


PurpleOps implements the following security features to protect assessment data:

  • Enforced authentication for all endpoints
  • Role-based access control
  • Limit the assessments each user can see / access
  • Multi-Factor Authentication
  • Forced initial password reset
  • Static code security analysers

It's highly recommended that this is bolstered with:

  • TLS
  • IP whitelisting