Cybersecurity
Nantum AI takes your security seriously. As buildings become digitized over the next decade, your real estate technology solutions need cybersecurity at their core. Our platform has security at the heart of its architecture, from system design, building system connections, and data cryptography to data ownership, storage, and protection.
SOC 2 Type II
A SOC 2 Type II audit assesses an organization's controls and processes related to security, availability, processing integrity, confidentiality, and privacy.
-
The LI-SaaS Baseline accounts for Low-Impact SaaS applications that do not store personally identifiable information (PII) beyond what is generally required for login capability (i.e. username, password, and email address).
-
NIST 800-53 is a cybersecurity standard and compliance framework developed by the National Institute of Standards and Technology. It’s a continuously updated framework that tries to flexibly define standards, controls, and assessments based on risk, cost-effectiveness, and capabilities.
-
A host-based intrusion detection system (HIDS) is an intrusion detection system that is capable of monitoring and analyzing the internals of a computing system as well as the network packets on its network interfaces, similar to the way a network-based intrusion detection system (NIDS) operates.
-
Static application security testing (SAST), or static analysis, is a testing methodology that analyzes source code to find security vulnerabilities that make your organization's applications susceptible to attack. SAST scans an application before the code is compiled. It's also known as white box testing.
-
Dynamic Application Security Testing (DAST) is the process of analyzing a web application through the front-end to find vulnerabilities through simulated attacks. This type of approach evaluates the application from the “outside in” by attacking an application like a malicious user would.
-
The Common Vulnerability Scoring System (CVSS) v3.0 is an open framework that uses a numerical score to communicate the severity of software vulnerabilities.
-
Multi-factor authentication (MFA) is a multi-step account login process that requires users to enter more information than just a password.
-
Transport Layer Security (TLS) 1.2 is the successor to Secure Sockets Layer (SSL) used by endpoint devices and applications to authenticate and encrypt data securely when transferred over a network. The TLS protocol is a widely accepted standard used by devices such as computers, phones, IoT devices, meters, and sensors.
-
Encryption at rest is a database-level protection layer to guarantee that the written files and data are encrypted while stored.
-
AES-256 encryption uses a 256-bit key length to encrypt as well as decrypt a block of messages.
-
A Key Management System (KMS) is a system that manages and stores cryptographic keys and certificates, as well as their metadata. This includes the generation, distribution, storage, backup, archive, recovery, use, revocation, and destruction of keys.
-
PS256, or RSA Signature with SHA-256, is an asymmetric algorithm that uses a public and private key to sign and encrypt messages:
-
The disaster recovery plan should be consistently reviewed and revised to account for changes in business technology, operations and potential risk factors.
-
Strong security practices across all gateway hardware devices and throughout operations systems.
-
All settings around firewalls and other connections are verified to be secure.
-
Penetration tests are simulated cybersecurity attacks conducted by 3rd-party experts on both internal and external networks with the purpose of finding vulnerabilities.
-
Managed Detection and Response provides 24/7 monitoring of network, system, and application infrastructure in order to detect, analyze, and respond to cyber threats.