Apsara DevOps complies with the Classified Protection of Cybersecurity 2.0, ISO 27001 information security certification, and ISO 9001 quality management certification. It provides the following features to meet compliance requirements.
Data transmission encryption
Apsara DevOps uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) for user data access, including reads and uploads. This enhances the security of data in transit and ensures that data cannot be decrypted or tampered with during transmission.
Integration with Alibaba Cloud Anti-DDoS products
The server-side can apply rate limiting or circuit breaking to IP addresses that send abnormal requests. It also forces HTTP requests to redirect to HTTPS.
Apsara DevOps integrates with the Alibaba Cloud Anti-DDoS system to defend against flood attacks and other distributed Denial of Service (DDoS) attacks, such as CC attacks. This provides multilayer protection.
Feature
Sub-feature
Description
Attack prevention types
Malformed packet filtering
Filters frag flood, smurf, stream flood, and land flood attacks.
Filters malformed IP, TCP, and UDP packets.
Transport layer DDoS attack prevention
Filters Syn flood, Ack flood, UDP flood, ICMP flood, and Rst flood attacks.
Web application DDoS attack prevention
Filters HTTP Get floods, HTTP Post floods, and high-frequency attacks. Supports filtering based on HTTP characteristics, URIs, and hosts.
Apsara DevOps Codeup repository security
Codeup uses hashing on code repositories at the underlying storage node layer. This prevents storage nodes from becoming hot spots caused by uneven repository distribution.
To resolve the hot spot issue caused by large repositories on a single node, Codeup uses multiple replicas for load balancing. It also performs real-time elastic scaling, such as scale-out or scale-in, based on traffic.
The backup policy for repository data includes at least two hot backups and one cold backup. The cold backup stores a full data snapshot.
Data availability through backup and recovery
Data availability means ensuring that data is complete, consistent, and accurate throughout its lifecycle. This is primarily achieved through backup and recovery.
Apsara DevOps uses Elastic Compute Service (ECS) servers and a multi-zone deployment architecture to provide disaster recovery. This ensures high data availability.
User privacy
We are committed to protecting your data privacy and preventing unauthorized access. Access privileges are strictly controlled. Apsara DevOps support staff can access your enterprise account only for support purposes, and only after your enterprise requests technical support through a ticket. When handling support issues, we make every effort to respect your privacy. After verifying account ownership, we access only the files and settings required to resolve the issue. Support staff may log on to your account to access configurations, but we limit our review to the minimum necessary to resolve your problem.
This policy has two exceptions: if your actions violate our terms of service, or if we are required by law to provide data.