Why Enterprises Prefer Cloud-Native Security Automation
Swimlane Turbine is a cloud-scale, low-code security automation platform. We take a deployment-agnostic approach to building software. Swimlane’s cloud architecture is identical to on-premise deployments, only smaller, making it the preferred model for many customers.
Deploy in Days
You can deploy Turbine in the cloud in days versus the months it takes to deploy legacy on-premises SOAR solutions.
Less to Manage
Unlike legacy on-prem SOAR solutions, with Swimlane cloud deployments you will not have infrastructure to manage.
With new product features released monthly, Swimlane handles the upgrade process so you don’t have to.
SOC 2 Type II Compliance
We have implemented processes, procedures, and practices in order to comply with the most rigorous SOC 2 Type II compliance requirements in terms of how we handle customer data and information. Swimlane Turbine is designed to enable you to securely access and manage your content.
Monitoring & Vulnerability Testing
All Swimlane platform infrastructure is continuously monitored. Internal and external teams regularly test the platform for vulnerabilities
Security Awareness Training
All Swimlane employees are required to attend regular security awareness training, which includes information, policies and procedures related to protecting customer data.
Technical and Physical Controls
We have implemented a number of controls within the Swimlane Turbine platform and cloud infrastructure that are intended to prevent the disclosure of content or the unauthorized access to content. Turbine has various security features that help ensure the confidentiality, integrity and availability of customer information.
Encryption of Data at Rest and in Motion
We store all passwords and credential data in a secure database. Data in motion is protected using Transport Layer Security (TLS).
Support for SAML/SSO
We support local user account provisioning through Open LDAP, Microsoft Active Directory, and SAML 2.0.
2FA is enforced globally, and is required prior to users being able to access Turbine in the cloud.
Role Based Access Controls
RBAC can be applied at every level of objects within Swimlane workspaces, dashboards, reports, applications, records and individual records. More granular controls can be applied down to the individual field level
Controlled Access to Cloud Data
Swimlane restricts access to production systems to a handful of employees. Contractors and third-parties do not have access to any customer production data. We regularly audit the list of employees with access.
Full Data Center Compliance
Swimlane Turbine’s cloud infrastructure is currently hosted out of the US, UK, EU, Singapore, and Australia. All cloud data centers hosting Turbine have achieved compliance with ISO/IEC 27001:2013, 27017:2015, 27018:2019, 27701:2019, 9001:2015, and CSA STAR CCM v3.0.1. They have also completed the following examinations:
* SSAE 16
* SOC 1 Type II
* SOC 2 Type II
Open for Feedback
We welcome reports from security researchers and experts about possible security vulnerabilities in our product. To report a security vulnerability in Swimlane, please send details to [email protected]. We do not have a bug bounty program.