attachmentAV for WordPress - Security

attachmentAV raises the bar for the security of your WordPress site. In the following, we give you insights into our security policies and controls.

ISO 27001 and GDPR compliance

First of all, we are ISO 27001 certified and GDPR compliant.

Here is an excerpt of our security controls.

  • Transmission Confidentiality: We have set up processes to utilize standard encryption methods, including HTTPS with the TLS protocol, to keep transmitted data confidential.
  • Encrypting Data At Rest: We have set up cryptographic mechanisms to encrypt all production databases and storage systems that store customer data at rest.
  • Centralized Collection of Security Event Logs: Our infrastructure is configured to generate audit events for actions of interest related to security for all critical systems.
  • Vulnerability Remediation Process: We identify vulnerabilities on the Company platform through the execution of regular vulnerability scans.

For more details about our security policies and controls as well as the certificates, please visit our trust center.

Jurisdiction/Region

attachmentAV for Salesforce processes data in the following jurisdictions/regions:

  • EU (European Union)

Are you required to ensure data processing in another region of the world? Let us know!

Protecting data in transit

attachmentAV encrypts data in transit as illustrated in the following figure.

  • App sends scan job to backend: HTTPS/TLS
  • Backend downloads file from Salesforce: HTTPS/TLS
  • Backend sends scan result to app: HTTPS/TLS

attachmentAV for WordPress encrypts all data in transit

Protecting data at rest

To be able to scan files for viruses, trojans and other kinds of malware, attachmentAV temporarily persists data.

  1. A user uploads a file to WordPress.
  2. The plugin sends the file to the backend for scanning.
  3. The backend temporarily persists the file.
  4. The backend calls the Sophos engine to scan the file.
  5. The backend deletes the file.
  6. The backend returns the scan result.
  7. The plugin passes or blocks the upload of the file depending on the scan result.

We use encrypted volumes to ensure confidentiality of the temporary data.
