Security Matters

Clari is a modern Cloud-based architecture built with industry-standard technologies and services, ensuring enterprise-grade security and data protection for our customers.

Clari Web

  • Encrypted Sessions 256-bit TLS 1.2
  • Encrypted Cookies for Sessions
  • Strong Authentication
  • SAML 2.0 – SSO Integration
  • Oauth Client Access Protocols
  • OWASP Top 10 verified
  • Certificate Verification
  • Secure Access and Activity Log
  • Session Timeout
  • URL Access Restrictions

Clari Mobile

  • Encrypted Sessions 256-bit TLS 1.2
  • Encrypted Cookies for Sessions
  • SAML 2.0 – SSO Integration
  • Oauth Client Access Protocols
  • Source Code Hardening
  • Clean Data principles
  • Certificate Pinning and Verification
  • Secure Access and Activity Log
  • Transient URLs
  • Session Timeout

Clari Access to Customer Services

  • OAuth authentication for Salesforce
  • SSO enabled session authentication
  • Service API throttling and monitoring API limits
  • Support for IP Address lock-downs
    Secure Cloud
  • ISO 27001
  • AWS Virtual Private Cloud
  • Secure VPN connections to Customer Data Centers
  • Secure access to Microsoft Exchange
  • Isolation of Production and Dev/Test environments
  • Active Session Monitoring and Timeouts
    Secure Data Management
  • User Credentials encrypted with AES 256-bit encryption
  • Access/Refresh tokens encrypted with AES 256-bit encryption
  • Access restrictions to only open application IP Servers
  • Server-side encryption of EBS Volumes
  • Encrypted S3
    Secure Analytics
  • ISO 27001
  • AWS Trust Advisor
  • Nessus Vulnerability Scans
    Secure Computing
  • AWS Security Groups for Port & IP Address restrictions
  • Load balancer based compute isolations
  • API Access Keys
  • Multi-tenancy with logical client partitioning
  • Role-based access control
  • Secure logging of application activity
  • VeraCode Source-code vulnerability
  • OWASP Secure Coding Principles
    Key Third Party Certifications & Programs
  • ISO 27001-2003 (All Control Groups)
  • Cloud Security Alliance CSA-CAI-1.1
  • Amazon Web Services Assessment
  • US-EU and Swiss Privacy Shield
  • TRUSTe Privacy Certification
  • Skyhigh Enterprise Ready Certification
  • ISO
  • CSA
  • Amazon Web Services
    Vulnerability Scans Passed
  • 24x7x365 security scanning and monitoring
  • Nessus Network-Level Scanning
  • TinFoil Application-Level Scanning
  • DataTheorem Mobile Application Scanning
  • Annual manual vulnerability testing
  • Nessus
  • Security Compass
Stay up to date with all our latest resources, blog posts, and news.