MantisHub Security

MantisHub has been rated A+ from 3rd party security evaluators so we can assure our customers that MantisHub delivers a high level of security 

ssllabs.png

 

If you need further details on our security measures we've addressed the most frequently asked questions below:

# Application Security
MantisHub is always running latest version of MantisBT along with all security patches and new features. Servers hosting MantisHub do not run any other applications and don’t run any kind of customer code or plugins that are provided by customers.

# Two-Factor Authentication
MantisHub enables customers to deploy two factor authentication for their users by utilizing our federation with services like Github and Bitbucket.

# Server Security
MantisHub patches its servers on a weekly basis. For high profile vulnerabilities (i.e. hartbleed) servers are patched as soon as the fix became available.

Access to server is authenticated using PKI keys rather than usernames and passwords providing higher level of security.

# Encryption on the wire
All communication to MantisHub happens via HTTPS leveraging SSL for data encryption over the wire. Our SSL server configuration and security has been rated as A+ by 3rd parties that assess server security.

# Encryption at REST
We leverage AWS storage to do data encryption at rest.

# Privacy
We value our customers privacy. We don’t share or sell your data in any way. Customer data is accessed by our support team for the purpose of providing support to our customers. Such access is audited. See more details in our private policy

# Data Retention
Customer data is only used and retained to service our customers and their users. In case of cancellation all data and backups are purged within 30 days.

# Backups and Disaster Recovery
We do daily offsite backups to protect against failures or corruption.

# Data Isolation and Export
MantisHub data for each customer is isolated into its own database. This providing added security and isolation. This also enables customer initiated backups and export of all data if they decide to stop using MantisHub.

# Hosting Environment
All servers are hosted in AWS cloud and are located in US region.

# SLA
We provide 99.9% availability SLA for MantisHub.

# Payment Method Security
We use a third party service for payment processing (Stripe). All your payment method details are stored in a secure vault within Stripe. MantisHub service and team never gets access to your payment details, we just get a token that enables charging your payment method.

# Money back guarantee
If a customer is not satisfied with our service, we provide a money back guarantee for any payments collected within the last 30 days.

# Terms of Service
See our detailed terms of service

 

If you have any other questions you can always contact our support team.

Have more questions? Submit a Request

Comments

Powered by Zendesk