HunchBuzz is a New Zealand company that provides cloud-based idea and Innovation Management Software (IMS) globally. Our company is an approved supplier to the UK Government via the G-Cloud digital marketplace and the New Zealand Government Digital Marketplace. Our services are hosted at Amazon Web Services (AWS) datacenters.
HunchBuzz products include HunchBuzz Idea Management and krunch collaboration services. This policy applies to all HunchBuzz products.
All connections to HunchBuzz products are secured via SSL. Any attempt to connect over HTTP is redirected to HTTPS.
HunchBuzz has a secure internal API framework within a Demilitarized Zone (DMZ). Front-end code is separated from the core API providing a robust security layer, access to the API is strictly limited.
HunchBuzz utilises secure development best practices that integrate security reviews throughout design, prototype, and deployment. Hosted within a secured public cloud, the HunchBuzz platform is self-contained and cannot detect, interfere with or view any other platform within the hosting environment. This policy is managed at a layer not accessible to other platforms within the environment. More detail:
HunchBuzz has strict rules and checks around who has access to the back-end database and services. Only specific staff have access to make changes and modifications, all access to the back-end systems is logged.
Post content verification is achieved through a web application firewall. Post-like events such as spam, login credentials, hacking, XSS, SQL injection will be stopped in real-time.
Our network Scans HTTP headers abused by spammers and denies access. These checks also challenge visitors that do not have a standard web browser or user agent.
We use an industry standard Web Application Firewall (WAF) which detects and blocks common keywords used in comment spam, as well as attack signatures used in cross-site scripting attacks and SQL injections.