SOC-2, Type-2 Certified.
Highly Secure Logically Partitioned Hosted Architecture
BoostUp is a SOC 2, Type-2 certified, security-first company, dedicated to protecting our customers’ valuable information. We ensure the security, availability, confidentiality, processing integrity, and privacy of our customer data.
Our logically partitioned hosted architecture isolates customer data inside our database, allows granular deletion, access control and management policies, and ensures maximum security. This architecture completely isolates your data and gives you fine-grained control over data retention and deletion.
BoostUp’s cloud service is completely hosted in AWS, in data centers that reside within the United States. AWS data centers are highly secure, and are SOC1, SOC2 and SOC3 compliant. All our production and staging servers are hosted in their own Virtual Private Clouds (VPCs). We make extensive use of security groups to restrict access to these servers, enabling only the minimum level of access needed for operation.
Application and Data Security
BoostUp only allows login via Single Sign-On (SSO). SSO login is supported for Google Apps and Office365. As a result, BoostUp never stores any user passwords in our database.
The BoostUp security team encourages responsible reporting of any vulnerabilities that may be found in our site or applications. BoostUp is committed to working with security researchers to verify and address any potential vulnerabilities that are reported to us. Please refer to our Vulnerability Disclosure Policy for more details.
BoostUp.ai employs the principle of least privilege – users should only be able to access functions, data files, URLs, controllers, services, and other resources, for which they possess specific authorization. This implies protection against spoofing and elevation of privilege.
Access to sensitive records is protected, such that only authorized objects or data is accessible to each user. BoostUp.ai application uses strong random anti-CSRF tokens and correctly enforces context-sensitive authorization so as to not allow unauthorized manipulation by means of parameter tampering.
All cryptographic modules fail securely, and errors are handled in a way that does not enable oracle padding. All cryptographic algorithms used by BoostUp.ai have been validated against FIPS 140- 2. TLS is used for all connections including both external and backend connections.
All sensitive data is sent to the server in the HTTP message body or headers only. Proper certification revocation, such as Online Certificate Status Protocol (OCSP) Stapling, is enabled and configured. Only strong algorithms, ciphers, and protocols are used, through all the certificate hierarchy, including root and intermediary certificates. All data is stored at rest on EBS volumes in an encrypted form.
Malicious Input Handling
All SQL queries, HQL, OSQL, NOSQL and stored procedures, calling of stored procedures are protected and not susceptible to SQL injection. BoostUp.ai application has security controls in place to prevent LDAP injection, OS command injection, Remote File Inclusion (RFI), Local File Inclusion (LFI), XML attacks and DOM Cross-Site Scripting (XSS) attacks.
Our customers love BoostUp.
After doing our vendor landscape due diligence, BoostUp was the only complete revenue intelligence platform in a market full of point solutions. We needed one connected revenue intelligence solution that solved all our needs - one built for our entire revenue team to drive forecasting, accuracy in our forecast, and scale deal reviews.
With BoostUp, we’ve been able to break down the barriers between every member of the account team. With this newfound visibility and transparency, our sellers can focus on the right action at the right time. The result is a higher-performing, more profitable, far more efficient, and actionable sales organization.
With BoostUp, I can inspect pipeline in 1/10th of the time, and call deals 2x more accurately, which helps us as an organization forecast more efficiently and reliably. Our leaders now have an excellent lens to evaluate deal risks instantly.
We use BoostUp to understand deal risk and understand deal velocity. With BoostUp, we are easily 5 times as efficient, 100% more confident in our forecasting approach and projections, and have shaved off 20 hours a month in our forecasting preparations.
BoostUp has made deal-by-deal opportunity management much simpler, which has made our forecasting projections significantly more accurate and something we can truly trust. It allows me to prioritize at-risk deals and coach more efficiently. And the really good reps have adopted BoostUp as it gets them insights into their deal activity and allows them to sell more effectively.