Your infrastructure.
Yours alone.
With OwlEye, every piece of your infrastructure is your own. Through containerization across each component of the environment, we protect each customer’s data and reduce the blast radius of any attack.
0
1
1
0
0
1
0
1
1
0
1
0
0
1
1
0
1
0
1
1
0
1
1
0
1
0
0
1
1
0
1
1
0
1
0
0
1
0
1
0
0
1
0
1
1
0
1
0
0
1
0
1
0
1
1
0
0
0
1
1
0
1
0
0
1
1
0
1
0
1
1
0
0
1
1
0
1
0
1
0
1
0
0
1
0
1
1
0
1
0
0
1
0
1
1
0
0
1
1
0
1
0
1
0
1
1
0
0
1
0
1
0
1
1
1
1
0
0
1
0
1
1
0
1
0
0
1
0
1
1
0
0
1
0
1
0
1
1
0
0
1
0
1
0
1
1
0
1
0
1
0
0
1
0
1
0
0
1
1
0
1
0
1
1
0
1
0
0
1
0
1
0
1
0
0
1
1
0
1
0
0
1
0
1
1
0
1
0
1
0
Database security
We maintain separate containerized database infrastructure for every client and application, each with its own unique authentication. This mitigates the risk of unauthorized access between applications and tenants.
File system security
All web application containers and the file systems holding uploaded media run in read-only mode. This protects applications against common attacks that try to install backdoor shells or other malicious files.
Application security
We maintain containerized instances of WordPress and Node.js applications, each with isolated processes, memory, and file system. This improves the security posture of every application environment we run.
Data center security
Our origin data centers meet ISO/IEC 27001 certification, SSAE No. 18 (SOC 1), and SOC 2 Type 2 — independently attested every year.
Encrypted backups
Production database backups are taken every hour and retained for 30 days, stored in an encrypted format to ensure data continuity while maintaining confidentiality.
Managed TLS
Our platform automates procurement and renewal of TLS certificates from Let’s Encrypt, ensuring certificates are always valid. Customers may also bring their own certificates from any TLS authority.
Need a data protection brief for your risk team?
We’ll send the containerization model, backup and restoration policy, and data-center attestations in a single packet.