-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
48 changed files
with
560 additions
and
285 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| # PSOXY - A pseudonymizing DLP layer between Worklytics and your data | ||
|
|
||
| [](https://github.com/Worklytics/psoxy/releases/latest) | ||
|  | ||
|  | ||
|
|
||
| A serverless, pseudonymizing, DLP layer between Worklytics and the REST API of your data sources. | ||
|
|
||
| Psoxy replaces PII in your organization's data with hash tokens to enable Worklytics's analysis to | ||
| be performed on anonymized data which we cannot map back to any identifiable individual. | ||
|
|
||
| Psoxy is a pseudonymization service that acts as a Security / Compliance layer, which you can deploy | ||
| between your data sources (SaaS tool APIs, Cloud storage buckets, etc) and the tools that need to | ||
| access those sources. | ||
|
|
||
| Psoxy ensures more secure, granular data access than direct connections between your tools will | ||
| offer - and enforces access rules to fulfill your Compliance requirements. | ||
|
|
||
| Psoxy functions as API-level Data Loss Prevention layer (DLP), by blocking sensitive fields / values | ||
| / endpoints that would otherwise be exposed when you connect a data sources API to a 3rd party | ||
| service. It can ensure that data which would otherwise be exposed to a 3rd party service, due to | ||
| granularity of source API models/permissions, is not accessed or transfered to the service. | ||
|
|
||
| Objectives: | ||
| - **serverless** - we strive to minimize the moving pieces required to run psoxy at scale, keeping | ||
| your attack surface small and operational complexity low. Furthermore, we define | ||
| infrastructure-as-code to ease setup. | ||
| - **transparent** - psoxy's source code is available to customers, to facilitate code review | ||
| and white box penetration testing. | ||
| - **simple** - psoxy's functionality will focus on performing secure authentication with the 3rd | ||
| party API and then perform minimal transformation on the response (pseudonymization, field | ||
| redaction) to ease code review and auditing of its behavior. | ||
|
|
||
|
|
||
| ## Documentation | ||
|
|
||
| For full documentation, visit [https://docs.worklytics.co/psoxy](https://docs.worklytics.co/psoxy). | ||
|
|
||
| For development purposes, latest docs are also accessible at GitHub [docs/](./docs/README.md). | ||
|
|
||
| ## Support | ||
|
|
||
| Psoxy is maintained by Worklytics, Co. Support as well as professional services to assist with | ||
| configuration and customization are available. Please contact | ||
| [[email protected]](mailto:[email protected]) for more information or visit | ||
| [www.worklytics.co](https://www.worklytics.co). |
Oops, something went wrong.