Security

Cyber Security

Xirocco is committed to providing a secure, compliant, and highly available SaaS service that meets our customers’ needs. Protecting your data and our services is our top priority. Our application is developed using industry-standard secure coding practices and OWASP standards. We are continually working to expand our certifications to those that further secure our solutions and are critical to the success of our customers.

The availability, confidentiality, and integrity of your data are of utmost importance to your business, and to Xirocco. We use multiple safeguards to protect this information and are constantly monitoring and improving our products and services.

Xirocco hosts our application and your data with Amazon Web Services (AWS), an industry leader providing a highly scalable, secure cloud computing platform.

Please contact us at any point in your due diligence or procurement processes to learn how we architect and manage the security of your data and our services.

  • Secure transmission and sessions
  • Authentication & Authorisation
  • Session Management
  • Access Controls
  • Backup & Data Retention
  • Code Testing & Assessments
  • Application Vulnerability Threat Assessments
  • Penetration Testing & Code Review
  • Security Monitoring
  • Virus Management
  • Phishing / Social Engineering

Xirocco is Cyber Essentials Certified

GDPR

The GDPR (General Data Protection Regulation) is a piece of European legislation that applies across Europe (including the UK whilst it remains a part of Europe) from 25 May 2018. It replaces the current European legislation (the Data Protection Directive) and its UK equivalent (the Data Protection Act 1998). Even after the UK exits Europe, these rules will certainly apply for a transitional period and any replacement national legislation is expected to be very similar.

The purpose of the GDPR is to impose certain conditions on those organisations which handle your data to ensure you know what is happening to your information (where it is going, what it is being used for and who else might see it). It also aims to ensure that your data is kept secure and is not used in a way that is excessive or unfair. Almost all information about you will be protected if you can be identified in some way by it. This includes information with your name or email address.

Xirocco is fully GDPR compliant and imposes the same rigor of GDPR compliance on its suppliers. Please contact us at any point in your due diligence or procurement processes to learn how we comply with GDPR.

Have any questions?

Please feel free to contact us. We will get back to you within one to two business days.
