Ozcode Live Debugger Security

White Paper

Ozcode Cloud Icon

Executive Summary

We have built security into Ozcode Live Debugger from the ground up as an integral part of our daily processes. To ensure that every element of our customers’ data is secure, we meet  even the strictest security requirements, such as those of the military, financial, and health sectors. As new threats continue to emerge, we will be proactive and responsive to maintain the highest levels of security and privacy for our customers.

What is Ozcode Live Debugger

Ozcode Live Debugger is a debugging platform for live Production and pre-Production environments. Ozcode drastically reduces the time spent on reproducing bugs, accelerating release
velocity while cutting down incident resolution time by up to 80%. Ozcode Live Debugger key features include time-travel debugging, autonomous exception capture, code-level
observability, PII redaction, and dynamic logging with tracepoints.

Ozcode Live Debugger Architecture

Ozcode Live Debugger is comprised of two main components:

  • Ozcode Agent: runs alongside client applications and adds bytecode instrumentation that extracts telemetry data needed to fix software errors with no noticeable impact on performance. The telemetry data is sent to the Live Debugger server.
  • Live Debugger Server: can be deployed in a variety of configurations. It receives telemetry data from the agent and presents it to users in a web application that provides an interactive IDE-like debugging experience.

DevSecOps at Ozcode

There are no silos at Ozcode. Developers, IT, and Operations work together to deliver smooth-running software that meets enterprise requirements for security. Security is built into both our processes and our culture. We engage in security-conscious activities daily, including dedicated code-reviews, regular periodic training, rotating ownership for raising the team’s security expertise, automated security scans in our CI/CD pipeline, maintaining an inventory of OSS components we use, and more. At Ozcode, we understand that accelerated delivery can increase
exposure to data breaches and that adopting a DevSecOps mindset across the organization is imperative to keeping your software secure.

Compliance

Ozcode is on a near-term path towards SOC2 Type 2 compliance and meets the GDPR requirements for data privacy and sovereignty.

Security in Ozcode Live Debugger

Ozcode Live Debugger collects different application data, including decompiled source code, variable values, logs, HTTP requests, and database queries. To ensure the safety of the data,
Ozcode employs the following security measures:

  • PII redaction: According to flexible, granular configuration, data is redacted before it leaves the client application.
  • IP whitelisting: ensure access only from approved IP addresses.
  • Audit trail: a record is kept of every variable exposed and every user that viewed data.
  • User authentication: via login credentials or Active Directory/Azure Active Directory.
  • Role-based access control (RBAC): 3-tiered role-based access control enables granular separation of roles – Owner, Administrator, User.
  • Data retention: data retention period may be configured by an Admin. Data older than the retention period is irreversibly deleted.
  • Infrastructure: Ozcode’s SaaS service is hosted on Microsoft Azure and is protected by this leading cloud platform’s rigorous multi-layered security measures.

On-premises deployments

Ozcode Live Debugger can be easily deployed on-premises hosted directly on the customer’s IT infrastructure or within a VM. Ozcode presents several security benefits as an on-prem deployment, including source code and data never leave the corporate network, no multi-tenancy, full control over upgrades, and more. Moreover, no requests ever leave the network. This  mode of operation is suitable for environments with no public internet connectivity and can easily be deployed on a customer site with zero downtime.

Cloud-based applications

Ozcode supports a model in which each environment can be segregated into a separate cloud provider tenant/subscription or VPC and have its own Live Debugger server. To simplify deployments, Ozcode supports cloud templates (ARM, CloudFormation, Terraform), enabling simultaneous deployment to multiple segregated environments in a single click.

Continuous security

Ozcode takes a comprehensive multi-layered approach to security, continuously questioning and improving our processes to diligently protect the security and privacy of every element of your data to which we are exposed.


Ozcode Live Debugger

Up to 5 users, 100 monthly agents, and 1M monthly events – ALWAYS FREE 

Ozcode Production Debugger - GET A DEMO

Live Debugger

Bridge the gap between finding errors in production and pinpointing their root cause in code

Thanks for downloading the OzCode trial!

You’re well on your way to making C# even sharper.

If your download doesn’t start automatically , please use this direct link.

If you’d like to install OzCode but don’t have
administrative privileges on your machine, please contact us.

Get Started for FREE!

Ozcode Logo

This website uses cookies to ensure you get the best experience on our website.