Security

Kuroco is designed by Cloud-native and high security architecture.

API

  • Completely encrypted HTTPS communication
  • Web Application Firewall(WAF)
  • CDN
  • DDoS Protection
  • Access control through a fixed token, dynamic token, and Cookies
  • Strict permissions control by configuring users groups
  • IP address access control
  • Access logs(Audit logs)
  • Application logs

Management screen

  • Completely encrypted HTTPS communication
  • Web Application Firewall(WAF)
  • DDoS Protection
  • Access limitation by ID & PWD
  • Strict permissions control by configuring users groups
  • IP address access control
  • Storage function of encrypted token
  • Access logs(Audit logs)
  • Application logs

KurocoFront

  • Completely encrypted HTTPS communication
  • CDN
  • DDoS Protection
  • Static website hosting
  • BASIC authorization
  • IP address access control
  • Access logs

KurocoFiles

  • Completely encrypted HTTPS communication
  • CDN
  • DDoS Protection
  • Static website hosting
  • IP address access control
  • Access logs

Vulnerability assessment

  • Vulnerability Scanning for Containers every time update (Almost every day)
  • Implementation of vulnerability assessment using VADDY (for the standard API in the main website only)
  • Vulnerability assessment of API customized by users using VADDY (in progress)
  • Free support for points related to Kuroco in individual vulnerability assessment

If you have any other questions, please use our contact form or Slack workspace.