Peace of Mind
January 11, 2019
GoVets Security Provides Peace of Mind
GoVets ensures that Buyers can shop with peace of mind knowing they are protected by the latest technology and processes back by rigorous standards. We completely control the source code for the GoVets platform and we leverage our experience providing cyber threat detection and remediation services for the US Government to ensure the safety of all platform users. Below describes some of the measure taken so you can have peace of mind. | |
 | Transport Layer Security - In our increasingly digitally connected world, the Transport Layer Security (TLS) network protocol is of the utmost importance to safeguard our users from digital harm. GoVets shields against security vulnerabilities by ensuring end-to-end encryption of the communication data between computers (PC, phone, etc.) and web servers. The TLS protocol is used by the HTTPS protocol (among others) to encrypt and authenticate the computers involved in any communication on the web. When you see the "s" on "https://" you know you are protected by TLS on GoVets. |
 | Software Source Control - GoVets has complete control over the open source software (Linux, Apache, MySql, PHP) used to construct the platform. We carefully evaluate and test any changes. |
 | Penetration Testing - From our background performing cyber threat detection and remediation for the US Government, we understand the importance of using Penetration Testing to simulate cyberattacks against the GoVets system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment our CloudFlare web application firewall described below. Our Penetration Testing is attemps to breach all application systems, (e.g., application protocol interfaces (APIs), frontend/backend servers) to uncover vulnerabilities, such as unsanitized inputs that are susceptible to code injection attacks. Insights provided by the penetration test can be used to fine-tune your web application security policies and patch detected vulnerabilities. We run a full set of penetration testing tools quarterly or whenever we perform any major system configuration changes. |
 | Brightcloud - The BrightCloud Web Classification and Web Reputation services that are available through a RESTful API service and through the BrightCloud Threat Intelligence SDK list GoVets as Trustworthy. |
 | PaloAlto - Because GoVets primarily supports medical center procurement activities, GoVets is categorized as Health and Medicine by PaloAltoNetworks.com |
 |
Web Application Firewall - GoVets website and applications are fully protected by the resilience and intelligence of a scalable network to combat evolving threats in a way that does not sacrifice performance. GoVets runs inside CloudFlare firewall that deploys technology to the edge of the network to restrict IP addresses that can shop on GoVets and block non-US IP addresses. |
 | PCI/DSS Compliance - The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. GoVets integrates with established third-party credit card processors who are responsible for PCI/DSS Compliance. No credit card information is ever stored on GoVets. |
Â
Â
Â
Â
Â
Â