Overview
LAST UPDATED: 05 / 10 / 2017

Coveralls Enterprise operates on your infrastructure, which means it is governed by your existing information security controls: from firewalls and VPNs, to IAM and monitoring systems. This on-premises solution can help you avoid the regulatory compliance issues that arise when you use cloud-based solutions. Below is an overview of the security features built into the appliance, along with information about Coveralls's development practices for application security.

Organizations

Organizations, created on your locally installed GitHub Enterprise instance, are a core concept in Coveralls Enterprise. Membership to and organization on GitHub enterprise grants a user on Coveralls access to all of that organization's repositories.

Authentication

Coveralls Enterprise provides two primary authentication methods.

These include:

SSH for both OS level systems administration and Git protocol access. SSH access is only allowed using public key authentication.
Personal Access Tokens for API and external service authentication.

Encrypted Communications

Coveralls Enterprise is designed to run behind your corporate firewall. To secure communications over the wire, we encourage you to run Coveralls Enterprise over SSL. An administrator can add 2048-bit or higher commercial SSL certificates for HTTPS traffic.

Application Security

Coveralls's application security team focuses full-time on vulnerability assessment, penetration testing, and code review for Coveralls products.

External Services and Support Access

By design, Coveralls Enterprise is able to operate without any egress access from your network to outside services. The system administrator can optionally enable the integration of external services such as SMTP.