Security Aspects of ConcourseConnect

• Concursive upgrades both our own code and our operating infrastructure regularly with security updates.
• Concursive developers follow best practices, guidelines and prevention measures from OWASP, the Open Web Application Security Project.
• The Concursive Security Team coordinates security concerns and publishes Security Advisories on our website.
• User access to ConcourseConnect is password protected. ConcourseConnect also uses Public Key Infrastructure (PKI) to encrypt certain transactions and for storing certain data.
• ConcourseConnect is extensively audited and tested to ensure it is proof against all types of security vulnerabilities, such as SQL injection, cross site scripting, remote code execution, and format string vulnerability. ConcourseConnect has been the subject of a security assessment by a Global 1000 customer, and passed with minimal issues. All issues found were corrected within 24 hours. Because of sensitivity on the part of our customer, these results are only available for review upon signing a non-disclosure agreement.
• ConcourseConnect is also the subject of periodic technical reviews, one of the most stringent being a complete review by Intel Corporation prior to their investment in Concursive in 2007.