Security Compliance
- Ecosystem
- Last Updated: January 26, 2018
- Arif Gursel
Need to quickly catch up on this past quarter's announcements? Here are the top three topics to tune in on:
The Platform API for Partners provides many official endpoints that allow you to introspect security settings, discover other customer instances of the same add-on, and much more. With the Platform API, add-ons have an OAuth client secret and a number of OAuth authorizations, one token per provisioned add-on; it is only used to authenticate requests to create the scoped tokens and not used to authenticate other requests to the Platform API.
Updated password requirements…
- Ecosystem
- Last Updated: October 27, 2017
- Arif Gursel
Need to quickly catch up on this past quarter's announcements? Here are the top three topics to tune in on:
Heroku has expanded regions availability for Private Spaces and introduced the general availability of the Dublin region on September 26, 2017. Heroku users are able to run apps in all of the following Private Spaces regions: Virginia, Oregon, Frankfurt, Tokyo, Sydney, and Dublin. Please verify that your add-on's manifest accurately reflect the supported Privates Spaces regions.
Heroku app webhooks for customers and add-on webhooks for partners are generally available . Partners are…
- News
- Last Updated: August 22, 2017
- Nahid Samsami
We're happy to announce that Heroku app webhooks is now generally available for all Heroku customers.
App webhooks provide notifications when your Heroku app changes, including modifications to domain settings, releases, add-ons, and dyno formations. These notifications can empower your internal communications, dashboards, bots or anything else that can receive HTTP POST requests. Integrating with Heroku webhooks provides easy support for driving custom workflows and 3rd party tools.
With the webhooks CLI plugin, you can subscribe to events with a single command.
heroku plugins:install heroku-webhooks …
- Ecosystem
- Last Updated: July 28, 2017
- Arif Gursel
Need to quickly catch up on this past quarter's announcements? Here are the top three topics to tune in on:
Heroku announced the general availability of continuous integration (CI) on May 18, 2017. This new feature creates copies of staging apps to run tests, then destroys the app and its add-ons. With Heroku CI, you will see an increase in the number of default ephemeral plan resources regularly provisioned on Heroku review and CI apps. Previously, these apps used the add-on plan configured for staging.
As developers adopt CI/CD workflows, temporary deployments are becoming increasingly…
- News
- Last Updated: June 06, 2017
- Jesper Joergensen
Today we are happy to announce Heroku Shield, a new addition to our Heroku Enterprise line of products. Heroku Shield introduces new capabilities to Dynos, Postgres databases and Private Spaces that make Heroku suitable for high compliance environments such as healthcare apps regulated by the Health Insurance Portability and Accountability Act (HIPAA). With Heroku Shield, the power and productivity of Heroku is now easily available to a whole new class of strictly regulated apps.
At the core of Heroku’s products is the idea that developers can turn great ideas into successful customer experiences at a surprising pace when…
- News
- Last Updated: April 04, 2024
- Nahid Samsami
Heroku has always made it easy for you to extend your apps with add-ons. Starting today, partners can access the Platform API to build a more secure and cohesive developer experience between add-ons and Heroku.
Advancing the Add-on User Experience
Several add-ons are already using the new Platform API for Partners. Adept Scale , a long-time add-on in our marketplace that provides automated scaling of Heroku dynos, has updated its integration to offer a stronger security stance, with properly scoped access to each app it is added to. Existing customer integrations have been updated as…
- Ecosystem
- Last Updated: April 28, 2017
- Arif Gursel
Need to quickly catch up on this past quarter's announcements? Here are the top three topics to tune in on:
The new add-ons canary service will attempt to provision and deprovision your add-on service on an app named 'addons-canary'. These daily tests will help us proactively detect any failed provisioning attempts and ensure customers can provision all add-on services. This effort will also help us identify issues earlier and notify you of provisioning issues.
Heroku Shield, a set of services included in Heroku Enterprise, is generally available and offers customers additional compliance features needed…
- News
- Last Updated: April 11, 2024
- Balan Subramanian
Apps are at the heart of modern businesses, and are important assets that need a secure platform geared for compliance and security. We launched Heroku Enterprise earlier this year with this in mind and today we are excited to announce the beta of Heroku Identity Federation for Heroku Enterprise customers. This feature unifies the login experience across Salesforce's new App Cloud that we announced today.
As customers like Forever Living, TV4 and Macy’s run more of their apps and business-critical services on Heroku, they need tighter integration with their existing security infrastructure. With our new identity federation feature,…
- News
- Last Updated: July 09, 2015
- Balan Subramanian
In February, we announced Heroku Enterprise , with collaboration and management capabilities for building and running your app portfolio in a governable and secure way on Heroku. We also introduced fine-grained access controls with app privileges as a beta feature. Today, we are pleased to announce general availability of this feature: Heroku Enterprise accounts are now automatically enabled for fine-grained access controls. We’re very happy to deliver this feature that many of our largest customers have requested.
“Enterprises need greater visibility around applications and scalability, and Heroku Enterprise adds those features to the core Heroku value proposition,” said Matthew Francis,…
- News
- Last Updated: September 25, 2012
- Richard Schneeman
Software erosion is what happens to your app without your knowledge or consent: it was working at one point, and then doesn't work anymore. When this happens you have to invest energy diagnosing and resolving the problem. Over a year ago Heroku's CTO, Adam Wiggins, first wrote about erosion-resistance on Heroku. Part of erosion-resistance is communication, and knowing what to expect moving into the future. This post will clarify what we mean by erosion-resistance, and help you understand what to expect when one of our features is deprecated or is sunset.
Erosion-resistance means…
Subscribe to the full-text RSS feed for Security Compliance.