Security
- Engineering
- Last Updated: April 24, 2024
- Ethan Limchayseng
This article was originally authored by Srinath Ananthakrishnan, an engineer on the Heroku Runtime Networking Team.
The following story outlines a recent issue we saw with migrating one of our internal systems over to a new EC2 substrate and in the process breaking one of our customer’s use cases. We also outline how we went about discovering the root of the issue, how we fixed it, and how we enjoyed solving a complex problem …
- News
- Last Updated: October 05, 2021
- Ethan Limchayseng
Since April 2021, the Heroku Runtime team has been working to deploy upgrades to the infrastructure powering Common Runtime apps, and we’re excited to formally announce the performance improvements that customers are already seeing.
When this Changelog post was published in May introducing the changes, almost all Common Runtime apps had been migrated from what we internally called the “classic” infrastructure to the new “sharded” architecture. In addition to performance enhancements, this migration is expected …
- News
- Last Updated: April 12, 2021
- Tushar Pradhan
Customer Trust is our highest priority at Salesforce and Heroku. It’s more important than ever to implement stronger security measures in light of increasing security threats that could affect services and apps that are critical to businesses and communities.
We’re pleased to announce that all Heroku customers can now take advantage of the security offered by Multi-Factor Authentication (MFA). We encourage you to check out these new MFA features and add another layer of …
- News
- Last Updated: June 11, 2020
- Scott Truitt
We are thrilled to announce that Heroku Shield for Redis is now generally available and certified for handling PHI, PII, and HIPAA-compliant data. Heroku Shield for Redis is the final missing data service for Heroku Shield, which is an integrated set of Heroku services with additional security features needed for building high compliance applications. All Heroku Managed Data Services — Heroku Connect, Heroku Data for Redis, Heroku Postgres, and Apache Kafka on Heroku — are …
- News
- Last Updated: May 06, 2020
- Scott Truitt
Security is always top of mind for Heroku customers; COVID-19 has further increased the urgency for enterprises and developers to deliver more mission-critical applications with sensitive and regulated data.
Given the needs of our customers, including those in regulated industries like Health & Life Sciences and Financial Services, we are thrilled to announce that Heroku Private Spaces and Shield customers can now deploy a new Postgres, Redis, or Apache Kafka service with a key created …
- News
- Last Updated: May 14, 2024
- Scott Truitt
Today, we’re thrilled to announce four new trusted data integrations that allow data to flow seamlessly and securely between Heroku and external resources in public clouds and private data centers:
- Heroku Postgres via mutual TLS
- Heroku Postgres via PrivateLink
- Apache Kafka on Heroku via PrivateLink
- Heroku Redis via PrivateLink
These integrations expand Heroku's security and trust boundary to cover the connections to external resources and the data that passes through them. They enable true multi-cloud …
- News
- Last Updated: October 01, 2019
- Scott Truitt
We are thrilled to announce that Apache Kafka on Heroku Shield is now generally available and certified for handling PHI, PII, and HIPAA-compliant data. Our newest managed data service unifies Heroku Shield, a set of Heroku platform services that offer additional security features needed for building high compliance applications, with Apache Kafka on Heroku, our fully-managed service based on the leading open-source solution for handling event streams.
Organizations of all sizes face relentless pressure to …
- News
- Last Updated: April 03, 2024
- Sepideh Setayeshfar
Today we are thrilled to announce the general availability (GA) release of Heroku Enterprise Accounts. All Enterprise Teams associated with a company are nested under an Enterprise Account, which delivers a higher level of visibility and accountability. With an Enterprise Account, executives and admins can ensure trust and improved agility with simple, fast management of teams, users and expenses, so application development teams can stay focused on the development process.
With applications sitting at …
- News
- Last Updated: July 23, 2019
- Scott Truitt
There are many reasons to choose Heroku Data services, but keeping the services you use secure and up-to-date ranks near the top. This foundation of trust is the most important commitment we make to our customers, and frequent and timely maintenances are one way we deliver on this promise.
We do everything we can to minimize downtime, which is typically between 10 – 60 seconds per maintenance. There are ways for you to minimize disruption too (see the tips and tricks below). The rest of the post explains how we think about Heroku Data maintenances, how we perform them, and when we perform them.
Hackers exploit known but unpatched vulnerabilities or out-of-date software. Minimizing the time between when a patch or update becomes available and when it gets deployed is the most effective means of limiting damage. There’s nothing worse than seeing your company’s high-profile breach at the top of Hacker News and the Wall Street Journal.
This business and reputation risk is real. Like you, we’re faced with the same choice. We believe it’s best to budget some prevention time upfront for patching and updating data services. Otherwise, an incident may cost us (and you) a larger amount of remediation time and effort, to say nothing of the potential damage done to our (and your) brand, business, and customers.
That’s why we invest significant engineering, security, and operations effort into creating a proactive security posture that keeps your stack up-to-date through frequent, scheduled maintenances.
- News
- Last Updated: May 22, 2019
- Scott Truitt
Today, we're thrilled to announce Heroku Postgres via PrivateLink, a new integration that enables customers to seamlessly and securely connect Heroku Postgres databases in Private Spaces to resources in one or more Amazon VPCs. Heroku Postgres via PrivateLink connections are secure and stable by default because traffic to and from Heroku Postgres stays on the Amazon private network; once a PrivateLink is set up, there is no brittle networking configuration to manage. As always, security …