Know why 36% of enterprise companies have adopted Observability as the new normal.

Middleware’s logo
    • Infrastructure Monitoring

      Monitor infrastructure and applications metrics

      Log Monitoring

      View and manage application, server and infrastructure logs

      APM

      Monitor applications errors and performance

      Database Monitoring

      Monitor database metrics and performance

      Synthetic Monitoring

      Monitor performance with simulated requests

      Serverless Monitoring

      Get visibility into serverless cloud functions

      Container Monitoring

      Monitor containerized environment performance

    • Industry

      Observability across all industries

      Technology

      Gain full visibility into tech stack

  • Pricing
    • Blogs
      Library
      API
  • Log in

Middleware
Cookie policy

Cookie policy Middleware
  • Our Security Commitment
  • Organizational Security & Compliance
  • Personnel Security & Training
  • Physical Security
  • Security by Design
  • Infrastructure Security
  • Application Security

content-icons
Our Security Commitment

Middleware works tirelessly to ensure the protection of Customers’ data within its custody and is committed to continuous improvements to its information security management practices. Middleware aims to ensure the appropriate confidentiality, privacy, integrity, and availability practices are maintained in accordance with the requirements of data security standards as outlined by the SOC2 Trust Service Principles.

We ensure that its security commitments are well documented and illustrated to user entities through our website, contract agreement, or in a service level agreement.

content-icons
Organizational Security & Compliance

Middleware is committed to ensuring that personal data obtained and processed is done in accordance with associated regulations and/or code of conducts laid out by SOC2 Trust Service Principles(Type I & II), HIPAA, GDPR and its principles, and Privacy Shield Principles. Formal IT policies and procedures exist that describe physical security, logical access, operations, change control, and data communication standards.

content-icons
Personel Security & Training

Middleware workforce includes partners, regular employees, and independent contractors who have direct access to Middleware internal information systems. Middleware personnel policies and practices relate to employee hiring, orientation, training, evaluation, counseling, promotion, and disciplinary activities. Security and Privacy trainings are performed upon hire and on semi-annual basis which includes but not limited to device security, acceptable use, malware prevention, data privacy, and incident reporting and data breach procedures. All employees are required to acknowledge to the confidentiality terms that they’ve read and will follow Middleware information security policies at least annually. Issues related to security and privacy are required to be reported immediately to Compliance team. Upon termination of work at Middleware, all access to Middleware systems is removed immediately.

content-icons
Physical Security

Middleware is exclusively hosted on Amazon Web Services (AWS) facilities (us-east-2) in Ohio, USA, which provides robust, physical data center security and environmental controls. AWS provide secure, high-performing, resilient, and efficient infrastructure. Middleware corporate offices all require badge access for entry, maintain video surveillance, and require all visitors sign in and be accompanied when present.

content-icons
Security by Design

Middleware understands the security risk associated with software changes introduced during Secure Development Lifecycle. Our security team adheres to OWASP Top 10 to categorize risks as High, Medium or Low risk. All updates or changes to the production system be they code or system configuration changes, require review prior to deployment to the production environment. Middleware applies change control requirements to systems that store data at higher levels of sensitivity, including Personally Identifiable Information.

content-icons
Infrastructure Security

Middleware network, infrastructure and architecture have multiple protection layers that ensure the highest levels of security and control, which includes:

Access to our production networks is controlled through multi-factor authentication over HTTPS encrypted protocol. Strict Firewall rules restrict access to vulnerable ports to ensure secure and limited access to production environment. We also utilize intrusion detection systems in our corporate network to identify potential security threats.

Middleware has documented and implemented internal mechanisms to stop processing upon specific data subject requests, including for direct marketing purposes.

Access to data, system utilities, and program source code libraries are controlled and restricted to those authorized users who have legitimate business need.

Responsibilities and duties are well segregated to avoid repudiation and in-compatibility of responsibilities.

Middleware services are hosted in advanced data center operated by a recognized industry leader Amazon Web Services (AWS). Our vendor adheres to the highest industry standards of quality, security and reliability and continuously monitors the environment using automated compliance checks based on the AWS best practices and industry recognized standards.

content-icons
Application Security

Middleware network, infrastructure and architecture have multiple protection layers that ensure the highest levels of security and control, which includes:

Vulnerability scans are performed at least quarterly on the environment to identify control gaps and vulnerabilities. Vulnerabilities found are resolved within timeframe by our security team.

A third party performs a penetration testing annually to identify and exploit vulnerabilities identified within environment.

Middleware has documented incident response and escalation procedures for reporting security incidents are adopted to guide users in identifying, reporting and mitigating failures, incidents, concerns, and other complaints.

When security events are detected they are escalated to the respective response team, Response time to address the event is 2 hours. We make sure to notify the supervisory authority of Personal Data Breach within 72 hours of becoming aware of the breach.

All data sent to or from Middleware is encrypted in transit using AES256 bit encryption. Our API and application endpoints are TLS/SSL only and score an “A+” rating on Qualys SSL Labs’ tests.

Middleware uses end-to-end encryption for Data in-transit which ensures that only communicating users can read what is sent, and nobody in between, even Middleware.

Middleware uses a Security Hash Algorithm (SHA2) for all password entries. Middleware stores the customers’ sensitive data such as Name, Email, Phone Numbers, Remarks, and chat transcripts in MySQL Database.

Data is encrypted automatically, in real time, prior to writing to storage. As a result, hackers and malicious users are unable to read sensitive data from tablespace files, database backups or disks.

Middleware ensures that the customers can balance the need to store backups at multiple locations in case of a disaster with the need to keep their data out of certain geographies. AWS provides clear data maps and geographic boundary information for all datacenters. Disaster recovery plan is tested on annual basis.

As an Application Service Provider, Middleware collects Personal information such as Name and contact details, chat, messaging transcripts and information related to browsing on behalf of the brand and use of our app.

Customer data will be deleted from Middleware systems upon termination of account or data retention expiration deadlines. Middleware hard deletes all information from currently running production systems. Backups are destroyed within 15 days. Middleware follows industry standards and advanced techniques for data destruction.

Our number one priority is customer’s security, we’re working with security researchers from worldwide to make our customers more secure. Middleware is pleased to recognize the security researchers who have helped make Middleware safer by finding and reporting security vulnerabilities.

The Middleware Bug Bounty Program is to encourage researchers to report about vulnerabilities they’ve discovered to our security and developing team, we reward researchers for submitting their findings. If you’re security researcher and have found a vulnerability in our service please report it to.

security@middleware.io

A multi-layered approach is implemented by Middleware to support its People, Process, and Technological security requirements. If you want more advice and help, get in touch with our Compliance team at team@middleware.io

Solve problems at the source
See Middleware Observability in action

  • Free forever
  • One-click setup
  • Highly scalable
man-with-laptop
  • 10x Faster agent
  • On-premise data storage
  • 100% Secure - end-to-end encryption
Product
  • Infrastructure Monitoring
  • Log Monitoring
  • Distributed Tracing
  • Database Monitoring
  • Synthetic Monitoring
  • Container Monitoring
  • Continuous Profiler
  • Serverless Monitoring
Our Platform
  • Unified Experience
  • Alerts
  • Query Language
  • Pipeline
  • Integrations
Security
  • Security
  • GDPR
  • Privacy-Policy
  • Cookie-Policy
  • Terms & Conditions
Resources
  • Library
  • News
  • Blog
  • Help-Docs
  • API-Docs
  • Datadog Alternative
  • Newrelic Alternative
  • Dynatrace Alternative
Company
  • About Us
  • Career
  • Partner
  • Contact Us
Middleware’s white logo
©2023 Middleware Lab, Inc. All rights reserved
Backed ByY Combinator
SOC 2
GDPR
social-icon
social-icon
social-icon
social-icon
social-icon