Security

Kuroco is designed by Cloud-native and high security architecture.

API

• Completely encrypted HTTPS communication
• Web Application Firewall(WAF)
• CDN
• DDoS Protection
• Access control through a fixed token, dynamic token, and Cookies
• Strict permissions control by configuring users groups
• IP address access control
• Access logs(Audit logs)
• Application logs

Management screen

• Completely encrypted HTTPS communication
• Web Application Firewall(WAF)
• DDoS Protection
• Access limitation by ID & PWD
• Strict permissions control by configuring users groups
• IP address access control
• Storage function of encrypted token
• Access logs(Audit logs)
• Application logs

KurocoFront

• Completely encrypted HTTPS communication
• CDN
• DDoS Protection
• Static website hosting
• BASIC authorization
• IP address access control
• Access logs

KurocoFiles

• Completely encrypted HTTPS communication
• CDN
• DDoS Protection
• Static website hosting
• IP address access control
• Access logs

Vulnerability assessment

• Vulnerability Scanning for Containers every time update (Almost every day)
• Implementation of vulnerability assessment using VADDY (for the standard API in the main website only)
• Vulnerability assessment of API customized by users using VADDY (in progress)
• Free support for points related to Kuroco in individual vulnerability assessment