Bright is a powerful developer-centric DAST (Dynamic Application & API Security Testing) platform that security teams trust and developers love. With its powerful automation and integration capabilities, Bright allows developers to scan multiple targets, uncover security vulnerabilities without false positives, get detailed reports on every finding, and quickly fix security issues by following the remediation guidelines. The integration for Slack allows you to post the issues reported by Bright to your Slack channels.
Bright Security will be able to view:
Bright Security will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
This Policy sets out the obligations of Bright Security (hereinafter referred to as the “Company”) regarding retention of personal data collected, held, and processed by the Company in accordance with EU Regulation 2016/679 General Data Protection Regulation (“GDPR”). This Policy sets out the type(s) of personal data held by the Company, the period(s) for which that personal data is to be retained, the criteria for establishing and reviewing such period(s), and when and how it is to be deleted or otherwise disposed of.
Data archiving and removal policy
Customers details (name, address, telephone number, email address); Until asked to be removed by customer; on-going business transactions; M&S / R&D / Finance / management; CRM - password protected
Customers contracts; Until asked to be removed by customer; on-going business transactions; M&S / Finance / management; CRM - password protected, Billing system - password protected
Data storage policy
Customer data is stored using RDS, the local filesystem and remote file systems. Storage policies are applied for individual users and in compliance with the information that they give. All data, including personal and possible organization information, is protected with passwords, MFA and SSO access. Sensitive information (e.g. access tokens, credit cards) is stored encrypted so that in case of a data breach the leaked information proves useless.
Data center location(s)
Data hosting details
Data hosting company
App/service has sub-processors
Certifications & compliance
Data deletion request procedure
Our company adheres to the GDPR rules of data deletion: on removal of a user account, all data related to that user is also removed.
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack App Directory, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Date of latest pen test
Executive summary is available to potential customers upon request
Supports Single Sign On (SSO) with the following providers
Okta, Google, AD FS
Supports Security Assertion Markup Language (SAML)