How does UiPath meet the data and access security requirements of modern enterprises?

User access control is role-base with customized password complexity. Access is appropriate for work requirements and controlled by role and responsibility differentiations. Also, customers can customize the complexity of passwords across the role-based categories. Robot credentials are 256-bit encrypted & stored in either MS Credentials Manager or CyberArk’s Identify Manager. Because robots mimic the UI actions of human employees, they need the same credentials as those employees to access systems and applications. The UiPath Platform provides customers with two options for the secure storage of robot credentials - both of which include 256-bit encryption of the credentials themselves: stored on-premises in a SQL database using Microsoft’s Credentials Manager, or stored off-premises in a CyberArk database using CyberArk’s Identify Manager. Network security is based on TLS 1.2 w/256-bit AES encryption. Authentication headers meet IPSec standards. Our Enterprise Platform can’t function without network communication: for example, Studio uploads automations into a secured repository; Orchestrator then retrieves and assigns those automations to various robots. Accordingly, the network transport layers for this communication must be secure. We use TLS (which stands for ‘transport layer security’) 1.2 with 256-bit AES encryption. This meets the highest standards for network security. Product & 3rd party code are Veracode tested for flaws and security vulnerabilities. UiPath uses Veracode for regular testing of our platform code and also all natively integrated third-party code. Veracode is a cloud-based security analysis service, used by a large number of global financial institutions, that performs a series of security checks on cloud, enterprise and mobile applications. These checks are designed to find vulnerabilities to breaches or hacking. Version control is provided natively by either TFS (MS Team Foundation Server) or SVN (Apache Subversion). The purpose of version control is to make sure individual developers and teams track code changes over time. Accurate code tracking supports productive team collaboration which, in turn, results in quicker development times.