Securing customer data in SaaS products
Blog post from Starburst
Starburst employs a comprehensive approach to securing customer data within its SaaS product, Starburst Galaxy, emphasizing risk mitigation and compliance. The platform's infrastructure is fortified by AWS GuardDuty for continuous monitoring and Cloudflare for protection against DDoS attacks. Access to the user interface is secured with TLS encryption, and customer data is never stored within the platform. Payments are processed through Stripe, ensuring credit card information is not collected or stored by Starburst. The company's practices include rigorous screening of third-party vendors, adherence to GDPR compliance through Standard Contractual Clauses, and a secure development lifecycle that incorporates early consideration of security and privacy, code scanning, and annual penetration tests. Starburst maintains ISO 27001 and SOC 2 compliance, striving for continuous improvement in security processes and fostering a culture of feedback to ensure dependable, secure products.