Glia Certifications
Security

Security at the Core

Security page background graphicSecurity page background graphic left

Glia's security stack has
three distinct layers

Glia security stack illustration
Security Stack shadow
Personnel labelApplication labelInfrastructure label

Glia Security Stack

Infrastructure bottom pieceInfrastructure middle pieceInfrastructure top piece
Infrastructure icon

Infrastructure

Hardened Amazon Web Services (AWS) Infrastructure

Glia is exclusively hosted on AWS. Glia inherits the control environment AWS maintains and demonstrates via SSAE-16 SOC 1, 2 & 3, ISO 27001, FedRAMP/FISMA reports and additional certifications. In addition, Glia has deployed a 24/7 intrusion detection system that sits on-top of AWS with daily manual log reviews. All data is encrypted both in motion and at rest.

Infrastructure illustration
Glia graphic element bottom
Glia graphic element right
Application icon

Application

SDLC practices with security at the core

Glia follows a Test-Driven Development (TDD) software development process including both multi-party manual and automated security checks based on OWASP application security principles. Application security controls include: defense in depth, positive security model, fail securely, run with least privilege, intrusion detection, amongst others. In addition, Glia undergoes third party penetration testing on a scheduled basis.

Application illustration
Application bottom pieceApplication middle pieceApplication top piece
Glia graphic element bottom
Personnel bottom piecePersonnel middle piecePersonnel top piece
Personnel icon

Personnel

Dedicated Security Personnel with SOC2-2 Audited Controls

Glia has dedicated GIAC GSEC certified security personnel who have responsibility for security across the Glia organization. All Glia employees undergo background checks along with initial and ongoing security training and testing. All access is two-factor authentication controlled, logged and run with least privilege controls.

Personnel illustration

Request our latest Architecture and Security White Paper,

SOC2-2 Audit, Third Party Network Vulnerability Audit,  Third Party Penetration Testing Audit or the Glia WISP

Architecture & Security

This White Paper details the Glia security framework and implementation
Architecture & Security White Paper