Data security is essential to DECTRIS CLOUD. Scientists using the platform need confidence that their research data is protected end to end, remains accessible when needed, and is not deleted or altered by unauthorized actors. Safeguarding the personal data of web app users is equally important and part of the same commitment to confidentiality, integrity and availability.
From the outset, data protection has been integral to the DECTRIS CLOUD architecture. Geo redundant cloud data centers improve availability and data durability, while fully isolated virtual machines provisioned per user keep workspaces separate and prevent one user from affecting another. These measures underpin a platform designed for reliable scientific collaboration.
In a constantly evolving threat landscape, security cannot be a one time exercise. We monitor emerging risks and routinely validate our controls. To keep improving, DECTRIS CLOUD has begun a recurring program of independent third party security testing, including penetration testing, to confirm assumptions, find weaknesses early, and strengthen the platform.
Why we partnered with Cobalt
To ensure that DECTRIS CLOUD can withstand today’s cybersecurity challenges, we have teamed up with Cobalt, a global leader in penetration testing. Cobalt’s Offensive Security Platform enabled us to plan and launch security tests with ease, while benefiting from real-time updates and fast communication between their pentesters and our internal team.
Insights that improved our security
The engagement covered web application, API, external network, and internal network penetration testing, providing a comprehensive outside-in view of DECTRIS CLOUD.
The tests highlighted areas for improvement we had not previously observed, including outdated software versions and potential paths for unauthorized access. We addressed these findings promptly, further strengthening the platform.
Read the DECTRIS CLOUD case study by Cobalt here.
Building a security-first culture
Beyond fixing vulnerabilities, this collaboration with Cobalt helped us embed security more deeply into our development practices. By improving architectural documentation, refining access controls, and heightening developer awareness, we have fostered a culture where security is part of innovation rather than an afterthought.
