Rattle conforms to leading security standards and best practices, so you don’t need to worry about sloppy systems or additional liability.
Encryption at Rest
All stored data, session cookies, and backups are encrypted at rest. Database fields storing credentials are also encrypted for additional security. No humans, Rattle's staff included, can ever view your passwords.
SSO & MFA
Rattle integrates with your SSO/MFA solution to provide a seamless login experience via SAML 2.0. User authentication can take place without the need to manage yet another account/password combination.
Encryption in Transit
All communication between customer systems and Rattle takes place using high levels of encryption (TLS 1.2/HTTPS).
Role-based access controls
Rattle administrators can set user roles according to the principle of least privilege. Users only see what they need in order to perform their jobs.
Third-party Penetration Testing
Rattle partners with external penetration testing vendors to conduct annual tests. Medium and higher severity findings are remediated, with reports available upon request and under NDA.
Rattle scans its own systems regularly to identify common vulnerabilities. Servers are patched automatically on a regular schedule, with critical and high severity patches applied with the highest priority.