Security overview

XRebel Hub is committed to providing strong levels of security of your application’s performance data by using industry standard security technologies and procedures.

XRebel Hub collects and analyzes performance metrics from test and staging environments. This document will provide an overview of our security policies and measures and addresses the most common concerns customers may have about the security and privacy of our XRebel Hub offering.


Service communications

XRebel Hub offering consists of 3 main components:

  1. XRebel Hub customer facing portal - https://hub.xrebel.com.
  2. XRebel Hub Backend System.
  3. XRebel Hub Agent installed on customer systems.

All system communications and endpoints are secured by strong SSL/TLS encryption. XRebel Hub customer facing portal and XRebel Hub Backend System are hosted on AWS (Amazon Web Services). XRebel Hub Agent needs a direct HTTPS connection to the AWS.


Data storage

XRebel Hub stores user and application performance data on Amazon Web Services (see Amazon Assurance Programs for AWS compliance). We use industry standard best practises to secure the ingestion, processing and displaying of this data. This includes time rotated credentials, folder level access policies and security groups.


Type of data

XRebel Hub stores and processes the performance metrics from testing and staging environments. This includes meta information about the requests, method invocation trees, database queries with parameters, Java exceptions and JVM information.


Conclusions

XRebel Hub is committed to providing strong levels of security of your application’s performance data by using industry standard security technologies and procedures. XRebel Hub collects and analyzes performance metrics from test and staging environments. All system communications and endpoints are secured by strong SSL/TLS encryption. XRebel Hub is deployed to the Amazon Web Services.