Security Overview | Asanto | No-Code Platform

Security overview

20+ years’ experience developing bespoke applications.

Built for the cloud

With a secure cloud core, Asanto’s infrastructure ensures complete privacy for you and your customers.


We ensure our processes and setup meet the stringent requirements for certification.

Infrastructure as a service

Rapidly deploy reliable, scalable applications with high availability.

Application security

We have 20+ years’ experience developing applications within the insurance sector.

Taking security seriously

With over 20 years’ experience designing and building bespoke applications, we understand the importance of providing total security for our customers, and their customers. Security is at the heart of Asanto’s infrastructure, design and build. Developed to keep confidential information private, and protect your brand reputation.

ISO 27001

Independently certified best-practice approach to information security.

PCI DSS Level 1

PCI DSS (Payment Card Information Data Security Standard) Level 1 certified.

Our commitment to complete security is demonstrated by our regulatory certifications. Asanto is ISO 27001 certified, and our internal payment gateway service ‘IdolPay’ is PCI DSS Level 1 certified, offering you peace of mind that our infrastructure and processes meet and exceed stringent requirements

Asanto platform infrastructure design and build
Manage every aspect of your products


Rapidly deploy products and pricing to market with a flexible, secure solution. Easy to use, highly customisable and built for speed, users can enjoy benefits such as:

  • Full audit trail of actions for compliance and investigation.
  • Automated monitoring and management of system performance.
  • Threat detection.
  • Load balancing.
  • Web Application Firewall (WAF) to provide greater security.
  • Secure database functionality utilising encryption at rest, in transit and multi-AZ for high availability.

The design of Asanto and associated infrastructure ensures the failure of a single component will not adversely affect entire system performance, with redundancy and automated failovers ensuring system availability.

Secure data
Asanto dashboard

Application security

We have over 20+ years’ experience developing applications within the insurance sector. Our Secure Software Development Lifecycle enshrines this knowledge and applies best practices for Agile software development.

Each stage of the development process has gated authorisation stages with separate development, test and production environments. Application code is tested and reviewed at several stages using a combination of automated and manual checks - this includes peer code reviews, Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) and finally an independent application security test (penetration test) which is carried out by a CREST certified organisation.