• Partners Pricing
  • Partner PortalCustomer Sign in
  • Menu

    Close
    • Google Workspace Backup
    • Microsoft 365 Backup
    • K8s Backup & Management
    • AWS Backup
    • Azure Backup
    • Platform Overview
    • Pricing
    • Partners
    • About Afi
    • Support
    • Blog
    Sign in
  • Platform

    Overview of Afi technology and next-generation architecture

DATA PROTECTION

  • — Google Workspace

  • — Microsoft 365

  • — Kubernetes

  • — Amazon Web Services

  • — Microsoft Azure

From the blog

  • Google Workspace Backup Solutions Review
  • Microsoft Teams Backup: Options & Key Features
  • Can Ransomware Hit Your Microsoft 365 Data?
  • Security & Legal

About Us

Learn more and get in touch with us
  • More Details

  • Leadership Statement
  • Resource Library
  • Agreements

  • Privacy Policy
  • Terms of Service
  • Support ticket

    Submit a new support ticket or check the resolution of an existing ticket

  • Documentation

    Review product documentation in Afi Knowledge Base

Afi Announces Secure Code Review Completion

Sep 18, 2023
~5 min read•~500 words

At a Glance

  • Afi completed an independent secure code review encompassing all significant components of Afi source code.
  • The review assessed the security of Afi's source code, data encryption, data sanitization and access control mechanisms.
  • Existing Afi customers and potential customers may contact Afi support or sales teams to get the project report.

Intro

We’re proud to announce our successful completion of an independent secure code review performed by SecureIT, a leading cybersecurity and risk audit firm.

Due to the nature of the business, customers use Afi platform to handle a lot of data, and it’s critical that we keep it safe and adhere to the highest security standards. This independent review – combined with the regular penetration tests, SOC 2/3, customer-initiated audits, CSA STAR, Cyber Essentials and other certifications – underscores our strong commitment to product development, security and resiliency.

Completing an independent secure code review gives Afi’s customers additional evidence that we’re handling your data securely. Afi stands as one of the very few backup vendors that have made the significant investments necessary to undergo a comprehensive third-party secure code review.

Afi team run a detailed comparison to select a security provider with the best qualifications for the project. SecureIT stood out as the top security firm focused on analysis and independent validation, one of the largest FedRAMP assessors with a broad perspective on the best security strategies and the latest threat.

 1 

What Is a Secure Code Review?

The purpose of the independent secure code review was to assess the security of Afi's source code and identify any potential vulnerabilities or weaknesses that could be exploited.

SecureIT conducted a thorough manual assessment of potential weaknesses within the source code, encompassing all significant components of the application. The scope of the project included all Afi production code, which was tested for technical and logical security risks that could be exploited to compromise the confidentiality, integrity, and availability of customer data.

 2 

Why Does This Matter to You?

As a current or future customer of Afi, you can rest assured that our software and infrastructure adhere to stringent security standards, as outlined in the code review project report. While the SOC 2/3 audits we undergo annually are focused on Afi’s internal systems and processes, the secure code review independently validates that Afi’s code is free from coding flaws and vulnerabilities, uses up to data encryption, data sanitization and access control mechanisms.

The comprehensive secure code review reflects Afi’s long-term commitment to developing a secure and resilient service, gives you peace of mind and helps you mitigate risks. Data breaches can have serious effects on your business, that’s why choosing a trusted partner that maintains the highest levels of data protection is so important. We’re proud to provide that service to you.

 3 

Project Results and Report

SecureIT’s thorough and professional work has exceeded our expectations. While the review did not reveal any critical or high-risk vulnerabilities in our code, the detailed analysis and insightful recommendations provided by SecureIT helped us to improve the Afi security posture.

Having completed the project, the SecureIT team noted that Afi “demonstrated a commitment to industry best practices and secure coding principles in their codebase. This proactive approach to integrating security measures in accordance with established standards highlights the organization's dedication to constructing a robust and secure application”.

The project report is available for existing Afi customers and potential customers upon request.

 

Related stories

G Suite email backup options overview.

How to recover deleted G Suite Drive files, Gmail data and Contacts?

Ready to try Afi? It only takes 1 min.

Start free trial
© Afi
Security & Legal
Terms
Privacy