Razorops Security | Cloud Platform & Integration Security
We fully understand and recognize, that the security of your source code as critical componant. Therefore we put lots of efforts to provide a secure infrastructure to use.
Razorops System Security
All communication between your browser and our website is SSL encrypted.
For every project you add to Razorops we create an SSH Key that is itself encrypted strongly and only decrypted shortly before being used in the build process. builds are clean and each build we start with new docker instance. All changes you make (including file system changes) are stored in a tmp disk which is removed as soon as your build finishes (tests and deployment). None of your data is ever stored on any hard drive on our build servers.
Can Razorops Read My Code?
We have no direct access to your source control but our engineering team can see your builds and build logs, as well as account information.
What Kind Of Access Razorops Needs to my Source Code Management?
Currently we support GitHub, GitLab, and Bitbucket to run your tests, we need to check out your code from your source code provider. you can signup to Razorops Dashboard and connect you SCM providers under integration section.
You can revoke permission in your source code provider settings and by removing form integration section.
What Services Does Razorops Use?
Our whole infrastructure is based on Google Cloud or services built on top of it. GCP is one of the most trusted, tried and tested hosting services out there. The services we use are:
1) Google Kubernetes Engine
2) Google Container Registry
3) Many More.
Note: Although we do have access to your source code, as outlined in our Terms of Service, we only access it for a build. We do not have any way to access your source code repository outside of our build environment.
Does Razorops Save My Code?
Razorops never takes ownership of your code or files. All builds run on containers that are shut down at the end of your build, with your cloned repository and generated assets never persisted between builds.
Does Razorops Conduct External Security Audits?
Yes, from time to time Razorops hires external parties to examine and audit current security practices.
Does Razorops Use External Contractors?
For various roles, Razorops will hire part-time workers or 3rd party contractors.
All employees - full time, part time or external - are given appropriately limited resource access and security requirements.
How Can I Get In Touch About Security?
If you have any further questions you can send an email to [email protected]