Relativity Security White Paper
The security white paper for Relativity, Understanding Security in RelativityOne, is available for download here. It was released in February 2019. Keep the following points in mind about Relativity's approach to cyber security:
Relativity takes a proactive approach in attempting to identify threats, making use of Recorded Future and Anomali ThreatStream.
It examines the dark web, including Tor sites and hacker forums, looking for malicious code and stolen documents.
Malware is reviewed in sandboxes so Relativity can understand how it functions.
It monitors its network traffic for unusual data transfers.
It takes the possibility of insider threats into consideration.
Penetration testing is performed at least once a year.
Splunk is used for log automation so data can be monitored more quickly and comprehensively.
Relativity uses a threat intelligence platform (TIP) to collect data automatically.
Developers must take courses in secure coding.
Code libraries are scanned for vulnerabilities.
Relativity is ISO 27001 certified, HIPAA compliant, and has achieved SOC 2, Type II attestation.
Relativity's Azure infrastructure meets additional security standards.
It participates in the Information Sharing and Analysis Center (IT-ISAC) to share and gather information about cyber threats.