Security

Kuroco is designed by Cloud-native and high security architecture.

API

  • completely encrypted HTTPS communication
  • Web Application Firewall(WAF)
  • CDN
  • DDoS Protection
  • access control through a fixed token, dynamic token, and Cookies
  • strict permissions control by configuring users groups
  • IP address access control
  • Access logs(Audit logs)
  • Application logs

Management screen

  • completely encrypted HTTPS communication
  • Web Application Firewall(WAF)
  • DDoS Protection
  • access limitation by ID & PWD
  • strict permissions control by configuring users groups
  • IP address access control
  • storage function of encrypted token
  • Access logs(Audit logs)
  • Application logs

KurocoFront

  • completely encrypted HTTPS communication
  • CDN
  • DDoS Protection
  • Static website hosting
  • BASIC authorization
  • IP address access control
  • Access logs

KurocoFiles

  • completely encrypted HTTPS communication
  • CDN
  • DDoS Protection
  • Static website hosting
  • IP address access control
  • Access logs

Vulnerability assessment

  • implementation of vulnerability assessment using VADDY (for the standard API in the main website only)
  • vulnerability assessment of API customized by users using VADDY (in progress)
  • free support for points related to Kuroco in individual vulnerability assessment