Pega Platform tracks many types of security events such as failed logins and password changes. You can optionally track many other types of security events, as well as changes to rules and data. By tracking these changes, you can understand how your system is functioning and be alerted of any potential problems.
- Rule and data change auditing
Pega Platform maintains a history of changes to certain data classes and rule types. You can use this history to diagnose system issues and to demonstrate compliance to internal and external auditors.
- Security event configuration
The security event configuration feature is part of security information and event management (SIEM) that combines security information management (SIM) and security event management (SEM). Use the Security Event Configuration landing page to configure the logging of security events so that you can diagnose system issues and demonstrate compliance to auditors.
- Security alerts
Security alerts are generated for situations such as attempts to hijack a user session. You can review the security alerts by viewing the security alert log.
- Mitigating common security vulnerabilities
In addition to the policies on the Security Policies landing page, Pega Platform offers additional security restrictions that control cross-site request forgery (CSRF), content security policies (CSP), cross-origin resource sharing (CORS), and others. Use these features to ensure that your system is as secure as possible.