Mirrors/unleash.unleash
1
0
Fork 0
mirror of https://github.com/Unleash/unleash.git synced 2025-02-23 00:22:19 +01:00
Code Issues Projects Releases Wiki Activity

Update fedramp and soc2 docs to point to Unleash Enterprise (#8957)

Browse Source
This commit is contained in:
Michael Ferranti 2024-12-11 14:35:55 +01:00 committed by GitHub
parent f8f7b55a53
commit c3f50263c8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
website/docs/using-unleash/compliance/fedramp.mdx
View File

@ -9,7 +9,7 @@ description: 'FedRAMP compliant feature flags at scale with Unleash.'
When operating in a [FedRAMP-compliant](https://www.fedramp.gov/program-basics/) environment, it's crucial to ensure that all integrated systems, including feature flagging solutions, adhere to the same compliance standards. Using a homegrown or third-party feature flag system that does not support FedRAMP standards can compromise your certification and introduce unnecessary risks. When operating in a [FedRAMP-compliant](https://www.fedramp.gov/program-basics/) environment, it's crucial to ensure that all integrated systems, including feature flagging solutions, adhere to the same compliance standards. Using a homegrown or third-party feature flag system that does not support FedRAMP standards can compromise your certification and introduce unnecessary risks.
This guide provides an overview of how Unleash features align with FedRAMP controls, helping your organization meet its compliance requirements. This guide provides an overview of how [Unleash Enterprise](https://www.getunleash.io/pricing) features align with FedRAMP controls, helping your organization meet its compliance requirements.
## Access Control ## Access Control
@ -53,4 +53,4 @@ This guide provides an overview of how Unleash features align with FedRAMP contr
| **FedRAMP Control** | **Unleash Feature** | | **FedRAMP Control** | **Unleash Feature** |
|-------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------| |-------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------|
| [SC-08 (01) Transmission Confidentiality and Integrity](https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_0/home?element=SC-8) (Cryptographic Protection) | Unleash implements cryptographic protection for data in transit, as detailed in our SOC2 report (available upon [request](https://www.getunleash.io/plans/enterprise). | | [SC-08 (01) Transmission Confidentiality and Integrity](https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_0/home?element=SC-8) (Cryptographic Protection) | Unleash implements cryptographic protection for data in transit, as detailed in our SOC2 report (available upon [request](https://www.getunleash.io/plans/enterprise). |
| [SC-17 Public Key Infrastructure Certificates](https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_0/home?element=SC-17) | Unleash uses PKI certificates issued by AWS and Google. | | [SC-17 Public Key Infrastructure Certificates](https://csrc.nist.gov/projects/cprt/catalog#/cprt/framework/version/SP_800_53_5_1_0/home?element=SC-17) | Unleash uses PKI certificates issued by AWS and Google. |

4
website/docs/using-unleash/compliance/soc2.mdx
View File

@ -9,7 +9,7 @@ description: 'SOC2-compliant feature flags at scale with Unleash.'
To get SOC2 certified and maintain your compliance, you must ensure that any system you integrate with, including feature flagging solutions, are also SOC2 certified. Using a homegrown or third-party feature flagging system without SOC2 compliance can compromise your certification and introduce unnecessary risks. To get SOC2 certified and maintain your compliance, you must ensure that any system you integrate with, including feature flagging solutions, are also SOC2 certified. Using a homegrown or third-party feature flagging system without SOC2 compliance can compromise your certification and introduce unnecessary risks.
This guide provides an overview of how Unleash features align with SOC2 Type II controls, helping your organization meet its compliance requirements. This guide provides an overview of how [Unleash Enterprise](https://www.getunleash.io/pricing) features align with SOC2 Type II controls, helping your organization meet its compliance requirements.
## How Unleash features map to SOC2 Type II controls ## How Unleash features map to SOC2 Type II controls
@ -29,4 +29,4 @@ This guide provides an overview of how Unleash features align with SOC2 Type II
| CC 6.1, CC 6.6 Remote access MFA enforced | The company's production systems can only be remotely accessed by authorized employees possessing a valid multi-factor authentication (MFA) method. | You can enable MFA through your identity provider, such as Okta or Microsoft Entra ID, after implementing [single sign-on](/reference/sso). | | CC 6.1, CC 6.6 Remote access MFA enforced | The company's production systems can only be remotely accessed by authorized employees possessing a valid multi-factor authentication (MFA) method. | You can enable MFA through your identity provider, such as Okta or Microsoft Entra ID, after implementing [single sign-on](/reference/sso). |
| CC 6.1, CC 6.6 Remote access encrypted and enforced | The company's production systems can only be remotely accessed by authorized employees via an approved encrypted connection. | Unleash is secured by enforcing TLS 1.2. | | CC 6.1, CC 6.6 Remote access encrypted and enforced | The company's production systems can only be remotely accessed by authorized employees via an approved encrypted connection. | Unleash is secured by enforcing TLS 1.2. |
| CC 6.7 Data transmission encrypted | The company uses secure data transmission protocols to encrypt confidential and sensitive data when transmitted over public networks. | Unleash is secured by enforcing TLS 1.2. | | CC 6.7 Data transmission encrypted | The company uses secure data transmission protocols to encrypt confidential and sensitive data when transmitted over public networks. | Unleash is secured by enforcing TLS 1.2. |
| SD SOC 2 System Description | The company has completed a description of its systems for Section III of the audit report. | This documentation is available in the SOC 2 report in the Trust Center. The report is performed by an external auditor and renewed annually. | | SD SOC 2 System Description | The company has completed a description of its systems for Section III of the audit report. | This documentation is available in the SOC 2 report in the Trust Center. The report is performed by an external auditor and renewed annually. |