Security¶
PurpleOps implements the following security features to protect assessment data:
- Enforced authentication for all endpoints
- Role-based access control
- Limit the assessments each user can see / access
- Multi-Factor Authentication
- Forced initial password reset
- Static code security analysers
It's highly recommended that this is bolstered with:
- TLS
- IP whitelisting