Enterprise Grade Security
Why banks trust Forrit to deliver operationally resilient, consumer web services that satisfy PRA audit requirements
Standards Compliant
The Forrit CMS is built to enable regulated businesses meet today's rigorous operational standards. An ISO27001 business, Forrit and our Platform are secure by design. Our approach to advanced threat intelligence, platform resilience, high availability and in the very worst case, fast service recovery is all designed to ensure your business can remain compliant with the Prudential Regulatory Authority, DORA and NIS2. Which all adds up to a highly secure platform without compromising user experience.
Automatic Media Malware Scanning
Every item uploaded Forrit's Media Library is scanned in near real-time to detect and mitigate malware threats. Forrit uses Microsoft Defender Antivirus to scan content, ensuring security and compliance. Our automatic process prevents harmful content entering the CMS and is transparent to users.
Bank Grade Security
We've built the Forrit CMS to enable highly regulated businesses meet modern Operational Resilience standards. Deployed in minutes with our Service Delivery Hub to support the most exacting security standards, our platform is flexible enough to adapt to your operational model with optional services such as managed SOC, break-glass, security penetration and resiliency testing.
Air Locked Publishing
The Forrit Platform's decoupled 'Airlock Publishing' architecture means your back-end data can’t be compromised. Content is pushed to front end publishing services which cannot access core CMS data. It's another layer to our Defence in Depth approach and a key reason why independent risk and penetration testing finds our CMS so resilient to modern threats.
Unified Threat Defence
Forrit uses Microsoft Web Application Firewall (WAF) to defend against vulnerabilities and exploits and actively protects your web content from the Open Web Application Security Project (OWASP) top 10 security Risks. WAF defends against malicious bot and DDoS attacks with custom and managed rule sets. You can monitor your environment in real-time with alerts and detailed reports to stay ahead of bad actors.
More Benefits
Secure Resource Management
Our Service Delivery Hub controls access with granular Microsoft Azure Entra backed control.
Pen Test Rigour
Every Forrit Platform product release is pen tested plus optional testing is available for customer environments too.
Secure Workflows
Workflow approvals and publishing backed by Azure Entra identity management.
Secure Auditing
Every Forrit CMS task, action and change securely logged for future audit and review.
ISO27001 Compliant
Forrit Technology Ltd is fully ISO27001 compliant.
SoC Options
Integrate with your own or an approved 3rd party Security Operations Centre.