News
OutSystems Raises the Bar for Low-Code Platform Security with Multiple ISO and SOC Certifications
September 2017 by Marc Jacob
OutSystems announced that it has bolstered its security credentials with three of the most recognised security certifications - ISO 27001, ISO 22301, and SOC 2. In addition, OutSystems has become a member of the Cloud Security Alliance as part of its commitment to security best practices in cloud computing.
“Software security is one of the most critical issues that IT leaders face, and it is often one of the most challenging,” said José Casinha, chief information security officer at OutSystems. “These new certifications help OutSystems provide an end-to-end security strategy for organisations building applications with our low-code platform.”
OutSystems has completed the following certifications:
• ISO 27001: This certification, from auditor BSI, approves the OutSystems systematic approach to managing sensitive company information so it remains secure.
• ISO 22301: This certification, also from BSI, approves the management system the company has put in place for business continuity arrangements.
• SOC (Service Organisation Controls) 2 Type II: This attestation, from KirkpatrickPrice, demonstrates that OutSystems has selected and implemented a specific and well-defined set of security controls. The framework validates that the service provider’s data management systems are secure, available and setup to maintain the confidentiality of data.
OutSystems ensures security best practices are enforced throughout the development lifecycle. Apps or systems created in the platform automatically include code protection for the riskiest threats, e.g. OWASP Top Ten: Injection, Cross-Site Scripting, Sensitive Data Exposure, etc.
OutSystems enforces security requirements, including application security checks, identity management, access control, single sign-on, encryption, auditing, and more.
To complete these certifications, OutSystems underwent a series of formal independent audits of its technologies, security policies and procedures, as well as its internal risk and operations controls. The successful completion of these respected certification processes reinforces the company’s commitment to providing customers with the most secure, user-friendly development environment in the industry.
By joining CSA, OutSystems will add its subject matter expertise to that of other industry practitioners, associations, governments, and corporate and individual members who offer cloud security-specific research, education, certification, events and products to the entire community impacted by cloud. The mission of the CSA is to promote the use of best practices for security assurance in cloud computing and to educate organisations on how cloud computing can help secure all other forms of computing.
