Magnolia Security

Security isn’t negotiable - so we build every element of Magnolia with your stability and protection as our priority. 

Advanced Security blog-3
dark teal bg
The_Hartford_Financial_Services_Group_logo
ping-an-logo-v2
American_Express_logo
logo-generali-2019-12
logo-union-investment-2023-05
sainsbury's-bank-logo
baloise-group-logo

Track record

For over 20 years, we’ve powered digital experiences for some of the world’s biggest and most high-profile businesses without a single known breach.

Security protocols

We adhere to secure design and development principles, testing all of our software for vulnerabilities at every stage to ensure that you’re safe with every code change.

Security accreditation

We are fully accredited for our industry’s key security certifications: ISO 27001 and SOC 2. We also hold key national certifications such as ENS (Spain) and NIST (US).

Secure your business with an enterprise DXP

Engagement

Securing your users

Granular permissions and user identity management ensure that you have total control over who can access, edit and share once logged into your platform.

With SSO and IDP federation, you can bring in your own identity management system, to enforce your own security policies up to enterprise scale and instantly remove access when needed.

Compliance

Securing your data

Your data stays under your control with a dedicated single-tenant hosting, physically separating your data from that of other Magnolia customers. 

All data is encrypted. On top of that, Magnolia also supports BYOK (Bring Your Own Key), allowing you to work towards a Zero Trust security approach that ensures you have total control.

Devs and Marketers

Securing your applications

Out of the box WAF (web application firewall) ensures nobody can hack through your website deeper into your systems, and that your websites are always available.

We also provide intrusion detection, block malicious attacks and protect you from web defacement that could lead to regulatory issues.

Host anywhere

Securing your operations

Launch and operate without interruptions on a platform where every part of the infrastructure is safe and compliant. 

We make sure you’re always on the latest version, with all the security patches, without the need for your own dedicated staff monitoring processes for any problems.

Magnolia’s security measures in the cloud

Our cloud platform is highly secure out of the box.
For the businesses that have extensive security needs, we also offer some advanced security features.

Security aspect

Standard Security
Advanced Security

Magnolia’s security features for self-hosted systems

Magnolia follows industry standards for security based on the Java Authentication and Authorization Service (JAAS). 
 

For an overview of all security features for the Magnolia application, read our documentation.

  • Secure authentication and authorization (granular permissions) 
  • Sign in once and access all related systems with SSO and IDP federation
  • Control access to your content (content security policy, IP-based access management, path security)

Proven security & compliance

Magnolia holds the industry's key security certifications, and collaborates with Compass Security on regular security reviews and penetration testing.

qms-iso-27001
A-LIGN-SOC Badge
ens-badge-1
Discover more
new Why we prioritize security on Magnolia Digital Experience Platform 1200x628
  • Security

Why we prioritize security on Magnolia Digital Experience Platform

Read the blog
Advanced Security blog
  • Security

Enhancing security in the cloud: Introducing advanced solutions for Magnolia PaaS

Read the blog
Advanced Security Solution Brief_TEaser
  • Security

Magnolia security best practices

Read the blog