|Network and infrastructure-level security||As the Managed Cloud solutions are deployed in AWS, they inherit the security measures mentioned in https://aws.amazon.com/security/.|
|Operating system security|
- All non-production environments (e.g., Dev, Test, Pre-Prod, etc.) should be architecturally identical to the production environments.
- WSO2 can set up non-production environments, reset, and upgrade them upon the customer's request.
- WSO2 does not monitor and take backups of non-production environments. If there is an issue in a non-production environment, the customer is expected to open a hosting incident in the bug tracking system.
- The customer is responsible for storing, versioning, updating, removing, testing and verifying artifacts in the non-production environment.
- The customer hands over tested and verified artifacts to WSO2 to be deployed in the production environment.
- WSO2 ensures the security and availability of the artifacts deployed in the production environment.
- WSO2 is responsible for storing, versioning, updating and removing artifacts in the production environment.
<Diagram coming up>
Hand over the environments