Article

Oct 16, 2019

This article is part of the Pega Cloud Services Subscription Documentation. Pega Cloud Services provides effective counterstrategies to protect against Distributed Denial of Service (DDoS) attacks. The Pega Cloud Services infrastructure architecture is designed to prevent and mitigate DDoS attacks…

Article

Oct 16, 2019

This article is part of the Pega Cloud Services Subscription Documentation. Pega and the client are both responsible for security in Pega Cloud Services: The Client is responsible for the security of, and access to, the Client Application at the application level. Pegasystems is responsible for the…

Article

Oct 8, 2019

You have the option of using the Pega Cloud Virtual Private Network (VPN) service to extend your private networks to Pega Cloud for managing proprietary data traffic, such as on-premises web services or data integration. The Pega Cloud VPN securely connects the existing network to Pega Cloud…

Article

Oct 8, 2019

Pega Cloud services offers a robust set of networking and security controls that enable customers to leverage the power of Pega Platform ™ and strategic applications as a cloud-delivered service. Your service is deployed in a dedicated virtual private cloud (VPC) that includes sandbox and…

Capability

Oct 4, 2019

Find resources a Pega user may need to ensure an application is secure, including managing authentication, setting up authorization, and configuring auditing.

Article

Sep 30, 2019

Implementing client-based access control (CBAC) helps you satisfy the data privacy requirements of the European Union (EU) General Data Protection Regulation (GDPR) and similar regulations. Personal data is associated with an actual person, not with an abstract entity such as a business. If your…

Article

Sep 23, 2019

Authentication time-out is the length of time between when user activity in a browser session ceases and Pega Platform™ requires reauthentication. The expired browser session is still displayed during this time. When users are inactive for a certain period of time, Pega Platform requires users to…

Article

Sep 23, 2019

The SECU0009 security alert is generated when a browser reports a violation of your application's Content Security Policy. The alert message describes the violation as an attempt by an untrusted source to load content. If the content should be blocked, remove the reference to the blocked…

Article

Sep 16, 2019

Data encryption in Pega Platform™ gives sensitive data in your applications an additional layer of security while preserving critical Pega Platform functionality. Data encryption makes it easier to comply with privacy policies, regulatory requirements, and contractual obligations for handling…

Article

Sep 10, 2019

As a best practice, before moving your application from development to a production environment, configure these dynamic system settings to enable greater security in your application. The settings shown below with the prefix "prconfig" can also be set on a per-node basis in the prconfig.…