<img height="1" width="1" src="https://www.facebook.com/tr?id=1758628641118349&amp;ev=PageView&amp;noscript=1">

Enterprise-Ready, Secure and
Trusted SaaS Solution

Trust is the cornerstone of any successful partnership, which is why we provide every customer a reliable and secure SaaS offering. And since we believe trust also requires transparency, this page gives you an overview of how we protect your data and ensure compliance and system availability.

availability

Availability

Your organization relies on access the availability of our software which thrives us to do everything in our power to ensure all systems are up and running at all times.

Learn more
Security & Compliance

Security & Compliance

We are compliant with GDPR and have several measures in place to ensure security. We are even certified by the TUEV.

Learn more
resources

Resources

We believe in transparency and therefore want to make it easy for you to find all relevant security and trust resources in one place.

Learn more

Availability

You rely on us delivering the best and most reliable SaaS, which is why we build on modern technologies, best-in-class processes and transparency to ensure the availability of our solution.

Availability

Building on Modern Technologies

An important part of ensuring availability is building a reliable foundation. For this reason, we decided to implement our software on the basis of a Microservices Architecture. Also, we make use of state-of-the-art technologies such as GraphQL to offer a graph-based API, and we aim to have a reasonable and maintainable tech stack, which can be viewed e.g. on stackshare.io.

security-modern-technologies-6-Col-XL

  • Microservices Architecture

    Our software is divided into multiple component services (Microservices) to quickly and accurately repair or update bits and parts of the product without compromising the integrity of the application.

  • Graph-based API

    With our state-of-the-art graph-based API (leveraging GraphQL developed by Facebook), we provide an excellent way to request exactly what you need, improving response times.

  • Transparent Tech Stack

    We're built ourselves on a modern technology stack and are happy to share it. Learn more on https://stackshare.io/leanix

Availability

Transparent Performance Monitoring

We use different systems and mechanisms to monitor the performance as well as the availability and response-times of our LeanIX solution. In case of incidents, we have a dedicated on-call-engineer who is available 24/7 to solve the incident.

security-monitoring-490px-7-Col-XL

  • Availability and Response-Time

    We make the availability and response-times of our software publicly available to you via
    http://monitoring.leanix.net/.

  • Application Performance

    Using solutions like Pingdom and New Relic, we constantly monitor LeanIX’s performance to stay aware of issues.

  • Dedicated 24/7 On-call-Engineer Setup

    Similar to a nurse in a hospital, our on-call engineer is always available to fix critical issues to ensure a speedy resolution.

Availability

Build for Scale

LeanIX is built for scale, and if you're looking for an enterprise-ready role and rights management system, we’ve got you covered. We also allow customers to manage users from a single, central directory using either the LeanIX Identity Management or any 3rd party SSO Identity Provider.

security-build-for-scale-490px-6-Col-XL

  • Built-in Identity Management

    LeanIX comes with a build in Identity Management and a comprehensive roles and rights model to ensure compliance.

  • Integrate with SSO Identity Providers

    Have a 3rd party SSO Identity Provider in place? Not a problem—LeanIX can easily integrate with all SAML 2.0 compliant providers.

  • Scalable Hosting

    Hosting via AWS and Strato allows LeanIX to be reached worldwide and guarantees maximum availability.

Request Your Tailored Demo

Depending on your individual requirements and your calendar, we'll create a product demonstration tailored to your specific needs.

Security & Compliance

Data security is our top priority. For this reason, we have introduced several processes and regulations to ensure the security of your data and enable better compliance.

Security & Compliance

Data Security

On our end we ensure data protection and are even certified by the TUEV Saarland. Also, we have robust password policies in place and ensure data encryption. Also, by following the Principle of Least Privilege (PoLP) we ensure only necessary privileges are given.

security-tuv-approved-6-Col-XL-1

  • Certified Data Protection

    With the TUEV "Approved Data Protection" we are certified to fulfill legal requirements of data protection in our product and as a company.

  • Data Encryption

    Data is encrypted in transit using TLS 1.2 protocol with strong ECDHE ciphers.

  • Robust Password Policies

    To ensure data security on an employee level, passwords are hashed using a strong bcrypt algorithm. Strong password configurations are enforced in line with global best practices.

  • Principle of Least Privilege (PoLP)

    We follow the Principle of Least Privilege (PoLP) and employees are given only privileges that are necessary for performing their duties.

Security & Compliance

Security Baked-in

We believe that security must be part of the foundation, so we rely on secure hosting partners and regular penetration testing. In addition, we have a dedicated security team focused on the highest levels of security and compliance.

security-bakedin-490-7-Col-XL

  • Secure Hosting

    Our data center partners AWS and Strato comply to the highest standards and are e.g. ISO and SOC certified.

  • Regular Penetration Testing

    Penetration tests are performed on LeanIX by external experts and cover confidentiality and integrity aspects of the application.

  • Dedicated Security Team

    With a dedicated LeanIX Security Team, we ensure data compliance and security and tackle new certifications.

Trust & Security Resources

Find links to resources covering relevant information on LeanIX’s Availability, Modern Architecture, Data Security and Compliance.