This guide will serve to communicate the technical requirements of our products to your team. Getting an early start on these technical tasks and internal governance will ensure a seamless onboarding experience.
Whitelisting is an important component of integrating Living Security's suite of applications. Use the following guide to avoid connectivity issues:
| Description | Wildcard URL | Specific URL(s) | Port | Req'd? |
|---|---|---|---|---|
| Gameplay | *.twilio.com | IP Addresses | UDP 3478 | Yes |
Detailed whitelisting and troubleshooting by product:
- Living Security Teams Whitelisting
- Living Security Training Platform Whitelisting
- Living Security Phish Whitelisting
The Training Platform is able to send training invitations, notifications, and other emails directly to participants. To ensure these emails do not get flagged, blocked or filtered as a phishing or spam email, please whitelist our IP addresses:
Browser compatibility and Desktop policies
The Living Security Training Platform is designed to work with most browsers but we currently only support the latest version of Microsoft Edge and Google Chrome. This is because the Platform utilizes libraries which may not support some older versions of browsers or specific features of certain browsers, including Internet Explorer (IE).
The Teams gameplay experience will utilize both the microphone and camera of each participant. If your organization restricts this for end users, please make an exception for our web applications.
For more information on setting these exceptions for your environment see Manage Chrome policies with Windows registry or Configuring Microsoft Edge policy settings on Windows.
Currently, only Living Security Training supports Single Sign-On (SSO). We've made it really easy for you to set up SAML SSO from within your admin account. Schedule a meeting!
Both Living Security Phish and Training support some type of automatic user provisioning. Training supports Just-in-Time (JIT), SCIM provisioning, and manual list uploads, whereas Phish supports strictly SCIM. Use the guides below to configure your provisioning method of choice:
- Living Security Training
  - Just-in-Time (JIT)
  - Manual Import
- Living Security Phish
Need to test or troubleshoot with a Living Security Technical Specialist? Schedule a meeting!
Security tool considerations
Security tools like Zscaler, Netskope, and Forcepoint have an optional setting that makes them act as an SSL proxy. Some services (like Firebase) don’t work well with an SSL proxy sitting between them and users. If your organization uses one of these network security tools and is having trouble getting tests to pass, adding an SSL bypass rule will likely resolve blocking issues. You can find more detailed information on what this means and how to do this in the following articles:
We use the third-party service Auth0 to handle our user authentication and authorization. This allows us to easily support the SAML single sign-on (SSO) that our clients would expect from an enterprise software platform.
It also provides the ability for “Passwordless” authentication that is used in the Teams Gameplay tool for a lower barrier of entry. The session participant simply enters their work email address and receives a one-time code to enter. This way, no password is even associated with their account.
Contentful delivers all of our content including lessons, quizzes, and puzzles.
Cloudinary is our video and image content delivery and streaming service.
For real-time gameplay syncing across players in Teams.
LaunchDarkly allows us to create, organize, and maintain feature flags at any scale. For more information click here.
Datadog is a managed logging and cloud monitoring service that makes it easy for us to track the usage of our products and easily debug errors when they occur. We use Datadog to centralize both frontend and backend logs, which provides us with a holistic view of everything happening across all of our various services.
System overview and security summary
| Question | Answer |
|---|---|
| What data does LS store for Teams? | Name, password, email, and public IP. The following is stored to improve user experience through NPS collection and feature tracking: browser, device type, OS, hostname, country, viewport width, viewport height, timezone, user roles, userID. |
| What data does LS store for Training? | Name, password, email, job title, job location, department, and public IP. |
| How does Living Security store data at rest? | Living Security data at rest is encrypted with AES 256. |
| How does Living Security encrypt data in transit? | Living Security data in transit is encrypted with TLS 1.3. |
| Where does Living Security store data for Training? | Living Security stores data in AWS-US-East1. There are also subprocessors that store data in AWS-EU-West1 (Hotjar, App user monitoring). |
| Where does Living Security store data for Teams? | Living Security stores data in AWS-US-East1. There are also subprocessors that store data in AWS-EU-West1 (Hotjar, App user monitoring) and Google US-central1 (Firebase, used to synchronize the experience). |
| Who is the Platform as a Service provider? | AWS |
| Where is your AWS environment located? | AWS-US-East1 |
| Are you SOC Certified? | Living Security Teams is SOC 2 Type 1 certified for its products. |
| What is your backup policy? | Client session data is exported daily and sent to Snowflake for internal reporting and usage tracking. |
Before sending a security questionnaire please review our Shared Responsibility Model.
Need to test, troubleshoot, or schedule a working session? Click here!