Security

At Sidekick, security is our top concern, and we hold ourselves to the highest security standards.

Complete on-premises deployment when your data may not leave your network

Whether you are working behind a firewall or prefer not to rely on a SaaS product, you can install Sidekick on your own premises.


Source Code Isolation

Sidekick never sees or has access to your source code; it does not reach Sidekick’s backend or servers. The source-code view exists only so that you can click on a line to set a tracepoint while your application is running, and that view is delivered straight from your repository to your local browser. When you set a tracepoint, Sidekick’s backend servers receive only:
  • File path
  • Line number
  • SHA-256 hash of the file
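The following is an added illustration, not Sidekick's own code: it shows what a tracepoint request that carries only path, line number and file hash can look like, and how an agent could use that hash to refuse a tracepoint when the source shown in the browser differs from the code actually deployed (so a click on line 42 of one revision is not silently applied to line 42 of another). Field names, the request shape and the agent-side check are assumptions; the sample source files are constructed.

```python
"""Added example (not Sidekick's code): a hash-only tracepoint payload and an
agent-side consistency check. Field names and the check are assumptions."""
import hashlib
import json
from dataclasses import asdict, dataclass
from typing import Dict, Tuple


@dataclass
class TracepointRequest:
    file_path: str     # repository-relative path of the file shown in the browser
    line_number: int   # 1-based line the user clicked
    file_sha256: str   # hex SHA-256 of the exact bytes the browser displayed


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_tracepoint_request(file_path: str, source: bytes, line_number: int) -> dict:
    """Browser side: hash the source locally; only metadata leaves the machine."""
    payload = asdict(TracepointRequest(file_path, line_number, sha256_hex(source)))
    assert "source" not in payload   # file contents are never part of the payload
    return payload


def serialize(payload: dict) -> str:
    """Wire form of the request (assumed JSON)."""
    return json.dumps(payload, sort_keys=True)


def agent_should_apply(payload: dict, local_files: Dict[str, bytes]) -> Tuple[bool, str]:
    """Agent side: compare the hash against the file that is really deployed.

    A mismatch means the user is looking at a different revision than the
    process runs, so the line number may point at unrelated code; refuse
    rather than trace the wrong line.
    """
    local = local_files.get(payload["file_path"])
    if local is None:
        return False, "file not present in the running application"
    if sha256_hex(local) != payload["file_sha256"]:
        return False, "source hash mismatch: browser view and deployed code differ"
    if not 1 <= payload["line_number"] <= local.count(b"\n") + 1:
        return False, "line number out of range"
    return True, "ok"


# Constructed sample inputs: two revisions of the same file.
SOURCE_V1 = (b"def charge(card, amount):\n"
             b"    token = tokenize(card)\n"
             b"    return gateway.charge(token, amount)\n")
SOURCE_V2 = (b"def charge(card, amount):\n"
             b"    return gateway.charge(tokenize(card), amount)\n")

if __name__ == "__main__":
    req = build_tracepoint_request("billing/charge.py", SOURCE_V1, 2)
    print(serialize(req))
    print(agent_should_apply(req, {"billing/charge.py": SOURCE_V1}))
    print(agent_should_apply(req, {"billing/charge.py": SOURCE_V2}))
```

The hash is what makes the scheme safe to use without shipping code: the backend can route the request and the agent can still detect a stale view, while nothing in the payload reveals the file's contents.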

External Integrations

Sidekick applies the principle of least privilege and requests only the minimum permissions needed to process your integration. You can import your code from a repository host such as GitHub. Your data, meaning your source code, is kept secure as it travels directly between your repository and your browser; it never passes through Sidekick’s backend servers. Moreover, Sidekick never changes your repository or its configuration in any way: it never commits, modifies pull requests, or installs webhooks.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) re-emphasizes and reinforces existing data protection principles in the European Union (EU) and adds new rules designed to expand the legal and privacy rights of EU citizens. At Sidekick, we understand the importance of data and are committed to the highest security standards and the protection of customer data. Accordingly, we have updated our products, processes, and procedures to meet GDPR obligations. Every Sidekick user can filter and mask personal data before it is submitted to our subscription services.

Encrypt in Transit & at Rest

We use TLS for every internal and external communication between our services and third-party services. All application-layer (layer 7) traffic is HTTPS, and other service-to-service connections at the transport layer are wrapped in TLS as well. All collected user data and monitoring data is encrypted at rest with keys managed by AWS KMS, and all snapshots and backups are encrypted where they are stored.

Agent Security

Sidekick agents run inside the user application, collect monitoring data (traces, metrics, logs) from both the running application and the underlying container, and send it to the Sidekick Collector API for ingestion. Collected monitoring data is sent over HTTPS (TLS). Requests are authenticated with the API keys issued by the Sidekick Console, which the agent sends in the request headers. After processing, received data is stored encrypted at rest with AWS KMS. By default, all integrations (AWS SQS, AWS SNS, AWS Lambda, …, MySQL, PostgreSQL, HTTP, Redis, etc …) are enabled and capture outgoing requests (messages, queries, request bodies, commands, etc …). If these requests contain sensitive data, or you simply do not want them captured, you can enable masking for them in the configuration so they are not traced. Additionally, when line-by-line tracing is enabled, the Sidekick agent can trace your codebase down to method arguments, return values, and local variables. These are disabled by default, and we collect such low-level details only when you enable them.
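As an added example (not the Sidekick agent's or collector's code), the block below shows the two controls described above working together: the agent masks captured integration payloads according to its configuration before anything leaves the process, and the collector authenticates the API key sent in a request header using a constant-time comparison against hashed stored keys. The config keys, header name, span layout and sample spans are all constructed for illustration.

```python
"""Added example (not Sidekick's code): agent-side masking of captured payloads
and collector-side API-key verification. Config keys, the X-Api-Key header
name, the span shape and the sample data are assumptions."""
import hashlib
import hmac
import json
import re
from typing import Dict, List, Tuple

# Assumed agent configuration: integrations whose captured payloads are masked,
# and whether line-by-line tracing of locals/arguments is enabled (off by default).
MASK_CONFIG = {"mask_integrations": {"mysql", "http"}, "trace_locals": False}

# Keys whose values are redacted even in integrations that are otherwise captured.
SENSITIVE_KEYS = re.compile(r"(password|passwd|secret|token|authorization|card|ssn)", re.I)
MASKED = "<masked>"


def _redact(obj):
    if isinstance(obj, dict):
        return {k: (MASKED if SENSITIVE_KEYS.search(k) else _redact(v)) for k, v in obj.items()}
    if isinstance(obj, list):
        return [_redact(v) for v in obj]
    return obj


def mask_span(span: dict, config: dict = MASK_CONFIG) -> dict:
    """Return a copy of a captured span with payloads masked per configuration."""
    out = {k: v for k, v in span.items() if k != "payload"}
    if span["integration"] in config["mask_integrations"]:
        out["payload"] = MASKED            # only the fact that a call happened is kept
    else:
        out["payload"] = _redact(span.get("payload", {}))
    if not config["trace_locals"]:
        out.pop("locals", None)            # locals/arguments only with line-by-line tracing on
    return out


def build_request(spans: List[dict], api_key: str) -> Tuple[Dict[str, str], bytes]:
    """Agent side: API key in a header (name assumed), body carries masked spans only."""
    headers = {"Content-Type": "application/json", "X-Api-Key": api_key}
    body = json.dumps([mask_span(s) for s in spans], sort_keys=True).encode()
    return headers, body


def collector_accept(headers: Dict[str, str], key_store: Dict[str, str]) -> Tuple[bool, str]:
    """Collector side: match the presented key against SHA-256 hashes of issued keys.

    Every entry is compared with hmac.compare_digest so response time does not
    reveal which key (if any) matched; storing hashes means a leaked store does
    not expose usable keys.
    """
    digest = hashlib.sha256(headers.get("X-Api-Key", "").encode()).hexdigest()
    tenant = None
    for name, stored in key_store.items():
        if hmac.compare_digest(digest, stored):
            tenant = name
    return (tenant is not None), (tenant or "unauthorized")


# Constructed sample data.
SAMPLE_SPANS = [
    {"integration": "mysql", "payload": {"query": "SELECT * FROM users WHERE email='a@b.com'"}},
    {"integration": "redis", "payload": {"command": "GET session:42"}, "locals": {"user": "alice"}},
    {"integration": "http", "payload": {"url": "https://api.example/pay", "body": {"card": "4111..."}}},
    {"integration": "postgresql", "payload": {"query": "UPDATE acct SET token=$1", "params": {"token": "s3cr3t"}}},
]
KEY_STORE = {"tenant-a": hashlib.sha256(b"sk_live_demo_key").hexdigest()}

if __name__ == "__main__":
    headers, body = build_request(SAMPLE_SPANS, "sk_live_demo_key")
    print(body.decode())
    print(collector_accept(headers, KEY_STORE))
```

Whole-integration masking is the coarse control the page describes; the key-pattern redaction shows why a default-on capture of queries and request bodies still needs a second look at what those payloads contain.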

Console Security

All communication between the user’s browser and the Sidekick console is done securely over HTTPS (TLS). Console authentication uses JWTs issued by Auth0. For payment, we use Stripe, which is certified to PCI Service Provider Level 1, the most stringent level of certification available in the payments industry. We therefore do not collect or store any information about your credit card; it is handled and managed by Stripe directly.
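Accepting a JWT is only as safe as the checks performed on it. The added example below (not Sidekick's console code) lists the ones a backend must make before trusting a bearer token: pin the algorithm rather than trusting the header, verify the signature in constant time, then check issuer, audience and validity window. It is standard-library only, so HS256 with a shared secret stands in for the RS256/JWKS verification an Auth0 tenant normally uses; the issuer, audience and secret are made-up values.

```python
"""Added example (not Sidekick's code): validating a bearer JWT with the standard
library. HS256 with a shared secret stands in for Auth0's usual RS256/JWKS; the
issuer, audience and secret values are assumptions."""
import base64
import hashlib
import hmac
import json
import time

ISSUER = "https://example-tenant.auth0.com/"   # assumed tenant issuer
AUDIENCE = "sidekick-console"                   # assumed API identifier
SECRET = b"demo-shared-secret"                  # assumed; never hardcode in real code


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_hs256(claims: dict, secret: bytes = SECRET, header: dict = None) -> str:
    """Mint a token (test helper standing in for the identity provider)."""
    header = header or {"alg": "HS256", "typ": "JWT"}
    compact = {"separators": (",", ":")}
    signing_input = (_b64url(json.dumps(header, **compact).encode()) + "."
                     + _b64url(json.dumps(claims, **compact).encode()))
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_jwt(token: str, secret: bytes = SECRET, now: float = None) -> dict:
    """Return the claims if every check passes; raise ValueError otherwise."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h_b64, c_b64, s_b64 = parts
    header = json.loads(_b64url_decode(h_b64))
    # Pin the algorithm: the token must not choose it ("none", or RS->HS confusion).
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{h_b64}.{c_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s_b64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(c_b64))     # parse claims only after the signature holds
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if "exp" not in claims or now >= claims["exp"]:
        raise ValueError("expired")
    if claims.get("nbf", 0) > now:
        raise ValueError("not yet valid")
    return claims


def is_valid(token: str, now: float = None) -> bool:
    try:
        verify_jwt(token, now=now)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    tok = sign_hs256({"iss": ISSUER, "aud": AUDIENCE, "sub": "user|1", "iat": 1000, "exp": 2000})
    print(verify_jwt(tok, now=1500))
```

With a real Auth0 tenant the signature step is replaced by fetching the tenant's JWKS and verifying RS256 with the key matching the token's `kid`; the algorithm pinning and the issuer, audience and expiry checks stay exactly the same.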

Data Access & Retention

All data stores, as well as the internal and external services, sit inside a VPC and are not reachable from outside the private network. Access to data stores is restricted to administrators and the operations team. Employees must use two-factor authentication to access Sidekick internal services, and their actions are audited through AWS CloudTrail logs. If you want to delete your account, contact us through Discord or support@runsidekick.com; we will confirm the deletion within 24 hours.