Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/workflows/app-shell-sync.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
- name: Checkout current repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
path: docs-v2
path: docs

- name: Checkout app-shell repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
Expand All @@ -34,15 +34,15 @@ jobs:
node-version: "24"

- name: Install dependencies for docs-sync script
working-directory: docs-v2/scripts/docs-sync
working-directory: docs/scripts/docs-sync
run: npm ci

- name: Sync the docs files
working-directory: docs-v2/scripts/docs-sync
working-directory: docs/scripts/docs-sync
run: npm start -- app-shell

- name: Check for changes
working-directory: docs-v2
working-directory: docs
id: git_diff
run: |
git config --global --add safe.directory $PWD
Expand All @@ -57,7 +57,7 @@ jobs:
if: steps.git_diff.outputs.changed == 'true'
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
with:
path: docs-v2
path: docs
token: ${{ secrets.PAT_TOKEN }}
commit-message: Update App Shell pages
branch: update-app-shell-pages
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/pr-checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,9 @@ jobs:
- name: Install dependencies
run: pnpm install

- name: Typecheck
run: pnpm typecheck

- name: Lint
run: pnpm lint

Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/sdk-docs-sync.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
- name: Checkout current repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
path: docs-v2
path: docs

- name: Checkout sdk repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
Expand All @@ -34,15 +34,15 @@ jobs:
node-version: "24"

- name: Install dependencies for docs-sync script
working-directory: docs-v2/scripts/docs-sync
working-directory: docs/scripts/docs-sync
run: npm ci

- name: Sync the docs files
working-directory: docs-v2/scripts/docs-sync
working-directory: docs/scripts/docs-sync
run: npm start -- sdk

- name: Check for changes
working-directory: docs-v2
working-directory: docs
id: git_diff
run: |
git config --global --add safe.directory $PWD
Expand All @@ -56,7 +56,7 @@ jobs:
if: steps.git_diff.outputs.changed == 'true'
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
with:
path: docs-v2
path: docs
token: ${{ secrets.PAT_TOKEN }}
commit-message: Update SDK pages
branch: update-sdk-pages
Expand Down
56 changes: 56 additions & 0 deletions docs/reference/security.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
---
title: Security
description: Tailor Platform Security
---

# Security at Tailor Technologies. inc

As a provider of platform solutions to enterprise customers, Tailor is committed to ensuring platform security through both Enterprise and Product security approaches.

## Enterprise security

Tailor's enterprise security approach involves securing our infrastructure, protecting customer data, and maintaining strict access controls ([RBAC](#role-based-access-control-rbac)). To achieve this, we use network segmentation, firewalls, and intrusion detection systems ([Endpoint protection](#endpoint-protection)), as well as conducting third-party security assessments ([Vendor Security](#vendor-security)). We also provide regular security education and training to our employees to stay up-to-date on best practices and safeguard against potential threats ([Security education](#security-education)).

### Role-based access control (RBAC)

Tailor employees are granted access to applications based on their role, and automatically deprovisioned upon termination of their employment. Further access must be approved according to the policies set for each application.

### Endpoint protection

All corporate devices are centrally managed and are equipped with mobile device management software and anti-malware protection. Endpoint security alerts are monitored with 24/7/365 coverage. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.

### Vendor Security

Tailor assesses the security risk of vendors based on factors such as their access to customer and corporate data and their integration with production environments. We use this information to determine the inherent risk rating of the vendor. Finally, we evaluate the vendor's security to determine the residual risk rating and decide whether to approve the vendor.

### Security education

Tailor provides comprehensive security training to all employees upon onboarding and annually through educational modules. Tailor's security team shares threat briefings with employees to inform them of important security and safety-related updates that require special attention or action.

---

## Product Security

Tailor's product security approach includes the protection of customer data through encryption ([Data Encryption](#data-encryption)) and vulnerability assessments ([Vulnerability](#vulnerability)). These measures help ensure that customer data is protected from unauthorized access and potential security risks are identified and addressed in a timely manner.

### Data Encryption

At Tailor, the security of customer data is a top priority. To ensure its protection from unauthorized access, we use AES-256 encryption to encrypt all customer data at rest, and TLS encryption during transit. These industry-standard encryption protocols are designed to keep customer data secure at all times.

### Vulnerability

To proactively identify and address potential security risks, Tailor performs regular vulnerability assessments. Any vulnerabilities that directly affect our systems and services are promptly patched or remediated based on the severity of the issue and the availability of a patch or remediation instructions.

### Status Page

For the product status page, we use [Statuspage](https://tailortech.statuspage.io/), a third-party service that provides a public status page for Tailor.

### Release Notes

For Release Notes, please see [here](https://updates.tailor.tech/).

## SOC 2

Tailor complies with SOC2, which is a compliance framework by the American Institute of Certified Public Accountants' (AICPA).

Potential customers can reach out to us for more information.
1 change: 1 addition & 0 deletions schema.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ links:
- portal.azure.com
- www.npmjs.com
- sonner.emilkowal.ski
- tailortech.statuspage.io
blocked_domains: [] # block links to these domains

# Heading validation rules
Expand Down