Security overview

QRebel is committed to providing strong levels of security of your application’s performance data by using industry standard security technologies and procedures.

QRebel collects and analyzes performance metrics from test and staging environments. This document will provide an overview of our security policies and measures and addresses the most common concerns customers may have about the security and privacy of our QRebel offering.

QRebel is certified SOC2 Type 1 compliant.

../_images/21972-312_SOC_NonCPA.png

Service communications

QRebel offering consists of 3 main components:

  1. QRebel customer facing portal - https://hub.qrebel.com.
  2. QRebel Backend System.
  3. QRebel Agent installed on customer systems.

All system communications and endpoints are secured by strong SSL/TLS encryption. QRebel customer facing portal and QRebel Backend System are hosted on AWS (Amazon Web Services). QRebel Agent needs a direct HTTPS connection to the AWS.


Data storage

QRebel stores user and application performance data on Amazon Web Services (see Amazon Assurance Programs for AWS compliance). We use industry standard best practises to secure the ingestion, processing and displaying of this data. This includes time rotated credentials, folder level access policies and security groups. All data older than 90 days is automatically deleted.


Type of data

QRebel stores and processes the performance metrics from testing and staging environments. This includes meta information about the requests, method invocation trees, database queries with parameters, Java exceptions and JVM information.


Conclusions

QRebel is committed to providing strong levels of security of your application’s performance data by using industry standard security technologies and procedures. QRebel collects and analyzes performance metrics from test and staging environments. All system communications and endpoints are secured by strong SSL/TLS encryption. QRebel is deployed to the Amazon Web Services.