Security and Compliance

Revvity Signals Software ensures cloud security with a multilayered approach to protect customer data.

Defense in Depth

In the face of cyberattacks and emerging threats, Revvity Signals protects customer data with a combination of the most trusted tools, policies, and the IT industry’s best practices. The overall security strategy uses a “defense in depth” approach: much like a fortified castle, it employs numerous layers of protection to block unauthorized access. This approach ensures that even in the unlikely event that a threat actor breaches one layer of defense, they will encounter additional barriers that protect valuable customer data.

Compliance and Third-Party Verification

Revvity Signals surpasses basic regulatory and industry compliance requirements by seeking third-party verification.

SOC 2 Type 2

A compliance standard for how organizations manage data.

The standard was developed by the American Institute of CPAs (AICPA). We adhere and attest to the following principles: security, availability, and confidentiality.

ISO27001

The international standard focused on information security.

Developed for companies to protect information systematically and enterprise-wide, by adopting an information security system.

CIS

A third-party hardening standard.

The Center for Internet Security (CIS) hardening standard is the internationally recognized security standard for defending cloud systems.

AWS platform services

Amazon Web Services supports advanced encryption standards.

Advanced Encryption Standard (AES) with 256-bit keys (AES 256-bit encryption).

Data Security

Revvity Signals adopts a Zero Trust security model, which mandates the authentication of all users involved in data transactions. This includes:

  • Weekly vulnerability scans to detect and patch potential issues, minimizing vulnerability windows.
  • AES256-bit encryption across the product portfolio secures data at rest and in motion.
  • Data segregation and data classification to support the principle of least privilege. Authorized users access only what they need – and nothing else.
  • Automated backups every eight hours for business continuity and robust disaster recovery.

Platform Services

Revvity Signals deploys an array of industry-trusted solutions for another layer of protection.

  • An AI-based endpoint protection platform
  • SaaS security controls
  • Cloud-based security services
  • AWS security services
  • Virus and malware protection
  • CIS hardening standard

Host Security

Virtual machines are diligently protected through patching, IP restriction, and whitelisting, ensuring that only authorized users have access. The platform administrator handles account creation and role-based access.

Hosts are secured with weekly vulnerability scanning to identify security weaknesses and flaws in systems and the third-party software running on them. Vulnerability scanning protects the organization from security breaches and the exposure of sensitive data. Three types of vulnerability scans are performed weekly: host, web application, and network perimeter scans.

Network Security

  • Continuous monitoring
  • Comprehensive monitoring
  • 24/7 expert coverage
  • Comprehensive code and runtime security scans
  • Security Incident Event Management (SIEM)

Policies & Procedures

Revvity Signals adheres to the industry’s gold standards for cyber security policies and procedures, including threat management workflows and incident response plans. Collaboration with third-party forensic experts enhances SecOps’ ability to respond to attacks.

  • Security Incident and Response Procedures (SIRP) are part of ISO27001 compliance definitions. Revvity Security Operations has a predefined Cybersecurity Incident Response Team (SIRT) with documented attack playbooks identifying predefined workflows and procedures.
  • A set of certified security policies, part of the ISO27001 compliance definition, encompasses data security, access controls, change management, and incident response.