Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Security operations

Updated on July 1, 2021

Beyond authentication, authorization, and auditing, Pega Platform offers many other configurable security features, such as encryption, HTTP response headers, and Web Service Security profiles. Use these features to ensure that your application is as secure as possible.

  • Encryption

    Encryption is a way to protect sensitive data within your application, without affecting the functionality of Pega Platform. Examples of typically encrypted data include Social Security numbers, credit card numbers, account numbers, and addresses.

  • Key management system for application data encryption

    Create a keystore that references keys other key management services, such as Microsoft Azure Key Vault, HashiCorp Vault, and Google Cloud KMS, and Amazon KMS through the use of a data page. By supporting additional key management services, Pega Platform™ offers you increased flexibility when defining keys that are used for encryption of application and internal system data.

  • Securing an activity

    You can better protect your application by limiting how an activity can be run and who may run it by configuring activity-specific access control.

  • Adding new privileges to roles after an upgrade

    Pega Platform version 8.5 has introduced new security privileges to align with leading practices and Pega has provided guidance on how to strengthen your security architecture by adding new privileges to roles after an upgrade.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us