What is the Platform.sh approach to app security?

Notes

Teams need to be able to know and verify that their sites are secure at all times. On Platform.sh, every change to your application code, infrastructure or otherwise, has to occur through Git. Helping to boost your app security and provide you with greater visibility. This ensures that even when team members commit broken code, it can always be traced back to the source. So you can find out what was changed, who made that change, and when was it applied to production, all visible in the Git log. Additionally, Platform.sh containers are read-only post-build, making it impossible for anyone to "fix it live" and forget it. That means that even if the site has been compromised, the code can't be. What's more, Platform.sh provides strict controls to limit who can contribute to which environments right from the beginning. So even though you can add a user to commit to one branch, they are incapable of merging into master without proper review first. Because no one likes broken code, even on Fridays. Take a look at our demo video above to see how Platform.sh approaches app security for our users.