Security

Exto is built considering the IT security standards and best practices, which includes secure default configuration, sensitive data protection, authentication ,and access control.

Exto services only accessible over TLS 1.2 and secured over REST.

Users can access the application using native authentication or SSO with Google and Microsoft.

Internal services and Integration API's need to acquire JWT (JSON Web Tokens) for authentication and authorisation.

Security measures implemented to grant project access to users and tenants. No tenant will be able to access other tenant projects.

The folders and files in Exto cannot be accessed until they are granted access permissions. This makes the document modeling secure.

Exto is also VAPT compliant thereby keeping the data secured and protecting the software from evolving threats.

Exto is SOCII certified