Security

TigerGraph provides a comprehensive set of security features, including authentication, access control, and encryption to secure your data and communication.

Network access

Authorization

Operational compliance

TigerGraph Server meets the following security compliance standards as certified by third-party audits:

Vulnerability scanning

TigerGraph leverages best-of-breed tools to periodically and proactively scan source code, application runtime, infrastructure to identify security vulnerabilities:

  • Dynamic Application Security Testing (DAST)

  • Static Application Security Testing (SAST)

  • Software Composition Analysis (SCA)

  • Penetration Testing

  • Operating System (OS) Level Vulnerability Scanning

  • Network Vulnerability Scanning

Vulnerability remediation

TigerGraph commits to vulnerability remediation upon discovery by the following timelines:

  • Critical/high: 30 days

  • Medium: 90 days

  • Low: 180 days

PGP key

TigerGraph Server download packages are signed with our PGP key. This ensures the authenticity and integrity of the download package.

  • Key ID: 413D1F12

  • Fingerprint:E20D 2B61 FB38 57D4 3B8E B321 67BD 323E 413D 1F12

You can also find our key on https://pgp.mit.edu.