Statement

Panoptix (Pty) Ltd (henceforth rereferred to as Panoptix) is dedicated to protecting data through the practice of sound Information Security practice and secure software development techniques.

Panoptix recognises that the confidentiality, integrity and availability of information and data created through the use of our software products is of vital importance to the success of our partners and customers. Panoptix takes this responsibility seriously through adherence to sound business practices to ensure compliance with all applicable laws, regulations and obligations.

Security Engineering and Compliance

Panoptix can draw on deep information security experience through qualified personnel that hold, or have held, various security certifications and academic achievements such as the internationally recognized CISSP certification, M.Sc. in Computer Science with a specialisation in Information Security as well as Electrical Engineering degrees [1].

Over and above the team’s qualifications Panoptix uses 2-Factor Authentication for all critical services and tests its software extensively through the utilisation of cutting-edge Continuous Integration and Continuous Deployment techniques. The most critical software contained in Panoptix’s Hotrod and Bbox offerings are developed in the Rust [2] programming language which is widely regarded as a great basis for secure software development [3].

Hotrod

At the core of the Panoptix offering is our Hotrod[4] product. Hotrod has been designed with operational security in mind. Some of the core aspects of default security within Hotrod are:

Bbox

Hotrod is regularly deployed on Bbox, Bbox is a centrally managed appliance developed by Panoptix to ease the deployment of Hotrod software and to give customers visibility into the edge of their networks. From its inception Bbox has been designed to limit its attack surface. Some core aspects of Bbox security are:

Hotrod Pipes

Hotrod Pipes are deployed by Hotrod-Agent (deployed stand-alone or as a part of Bbox). Pipes are centrally managed and auditable via the Hotrod server, with Panoptix it is possible to securely administer all data gathering and forwarding activities centrally from within Hotrod. Some core aspects of Pipes security are:

Continuous Improvement

Hotrod and Bbox software is constantly being improved by Panoptix, bug-fixes and improvements are securely distributed to partners. From time to time as the software is altered or as new business requirements come to light this Security Statement may be improved, for the latest version always refer to: https://panoptix.io/security/

All Panoptix software is governed by the Panoptix End User License Agreement, of which the latest version which can be found here: https://panoptix.io/policies/eu-license-agreement/

This Security Statement is subjugated to all terms and conditions of the EULA and should be interpreted as a statement of intent, with no additional warranties or guarantees that are not explicitly stated in the Panoptix End User License Agreement.

[1] https://panoptix.io/about/

[2] https://www.rust-lang.org/

[3] https://tiemoko.com/blog/blue-team-rust/

[4] https://panoptix.io/products/hotrod/

[5] https://jwt.io/

[6] https://www.saltstack.com/

[7] https://wiki.ubuntu.com/LTS

[8] https://panoptix.io/docs/dsl/