BastionZero
BastionZero is the Trustless Access Platform that connects engineers to infrastructure without risking the keys to your kingdom.We provide an easy-to-use cloud service leveraging our novel cryptographic protocol that allows us to offer a remote access SaaS without requiring your organization to trust us with privileged access to your SSH, Kubernetes, database, and web server targets.Use BastionZero within Slack to:
:hourglass: Request, approve, and monitor just-in-time (JIT) access to your targets :warning: :heavy_exclamation_mark: BastionZero must be installed by a user who is both an administrator in their BastionZero and Slack organizations.
:hourglass: Request, approve, and monitor just-in-time (JIT) access to your targets :warning: :heavy_exclamation_mark: BastionZero must be installed by a user who is both an administrator in their BastionZero and Slack organizations.
Permissions
BastionZero will be able to view:
BastionZero will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
BastionZero
Company headquarters location
United States
Terms of service
Privacy & data governance
Data retention policy
BastionZero retains customer data only for as long as is necessary for providing services to the customer. We retain and use personal information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
We also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Data archiving and removal policy
BastionZero maintains customer data for up to a 2 year period, after which it will no longer be stored.
Data storage policy
BastionZero uses technical and physical safeguards to protect the security of customer data and personal information from unauthorized disclosure. We also make commercially reasonable attempts to ensure that only the necessary people and third parties have access to customer data.
App/service has sub-processors
no
Certifications & compliance
Data deletion request procedure
Data is deleted within 60 days of a customer termination request, or it is deleted immediately upon customer request.
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Supports Single Sign On (SSO) with the following providers
Google, Azure, and Okta
Supports Security Assertion Markup Language (SAML)
no
Has a dedicated security team
no
Contact for security issues
product@bastionzero.com
Has a vulnerability disclosure program
no
Has a bug bounty program
no
Requires third party authorization/connections
yes
Third party services used by this app
The BastionZero app is connected with our service, BastionZero, in order to function.
Uses token rotation
no