Security

Securing Section's global infrastructure and your applications is an important problem to solve and we take it seriously. Section’s security practice is led by our CISSP-qualified VP of Security and encompasses areas such as compliance protocols, corporate governance, data privacy, change management, and more.

Our comprehensive Security Statement includes details with respect to all security and compliance factors at Section.

Please contact us at support@section.io if you have a security concern, or believe you’ve found a vulnerability in any part of our platform.

SOC 2 Type II Compliance

Section has successfully completed a System and Organization Controls (SOC) 2 Type II audit, performed by Sensiba San Filippo, LLP (SSF).

DDoS Protection

Network-layer DDoS protection is included by default across the entire Section network to protect against all Layer 3/4 attacks. Section’s DDoS protection includes dually redundant DDoS protection including two of the world’s largest DDoS networks.

Compute Framework Security

Container Isolation

Applications cannot view or access processes outside of their isolated environment.

Namespace NetworkPolicy Control

Kubernetes NetworkPolicies restrict communications across namespaces.

Private Repositories & Registries

Maintain your application code, configuration and deployment manifests in your own code management systems and image registries.

Security Platform Extensions

HTTP Extensions

Section supports several containerized solutions that are available for general use by Section customers and include security-focused features. These include:

Activate IP blocking (via Section HTTP Ingress)
Geo IP range blocking, and User Agent detection and blocking (via Varnish Cache)
TLS Certificate Management (via Section HTTP Ingress)

Additional Security Features

Geographic Delivery Control

Control delivery to locations consistent with your GDPR or other compliance requirements.

Vendor Delivery Control

Restrict delivery nodes to a specific provider consistent with your compliance and security requirements.

PCI Compliance

Section is a certified PCI DSS Level 1 Service Provider. Section utilizes Tevora a Qualified Security Assessor (QSA) to conduct an annual compliance audit and provide a PCI DSS Attestation of Compliance (AOC).

Section offers PCI DSS Level 1 Compliant Service as a premium service, enabling customers to build PCI-compliant systems that leverage all the benefits of Section.

Section’s privacy practices align to compliance with GDPR.

Access Control

SSO
API tokens

SOC 2 Type II Compliance​

DDoS Protection​

Compute Framework Security​

Container Isolation​

Namespace NetworkPolicy Control​

Private Repositories & Registries​

Security Platform Extensions​

HTTP Extensions​

Additional Security Features​

Geographic Delivery Control​

Vendor Delivery Control​

PCI Compliance​

GDPR Compliance​

Access Control​