Secure your websites and data
Secure your Kentico Xperience websites with confidence by implementing multiple security layers to ensure your customer data, the administration interface, and the live site are kept separate. Additionally, eliminate threats by protecting your data with various authentication methods, permissions, and user management. Tailor the security posture of your digital experience platform to meet your business requirements and compliance obligations.
Create multiple security layers
With Kentico Xperience, you can separate data, administration, and the live site with different servers to strengthen the security of your overall solution. MVC routing also passes executed data in a secure way to avoid exploitation or exposure.
Choose your preferred authentication method
Kentico Xperience offers a range of authentication methods for both the live site and administrative interface to support B2E, B2B and B2C use cases. From simple forms authentication based on standard ASP.NET authentication, to social logins, SSO and multi-factor authentication, you can implement standard or customized authentication solutions to support your customers and employees.
Apply roles and permissions to sites, applications, pages, and content
Open or restrict access as you wish! Create user profiles, extend them with custom fields, import them from external systems, or let visitors create accounts directly from your website. Kentico Xperience has a set of default roles and permissions, in addition to the ability to fully customize roles to suit your needs and ways of working. You can even grant users access to particular areas of the administration or website content. Personalized permissions can be applied to restrict access to individual documents or pages as necessary.
Cover yourself with double opt-in and reCAPTCHA
Reduce spam captured by your website forms. Spam protection controls like Google reCAPTCHA are familiar and easy for visitors to use and enable you to detect bots in just one click. Double opt-in also ensures new users are who they say they are, by requiring them to confirm their registration via email. You can even set up an approval process before allowing them to complete their registration and login.
Stay protected with Anti-CSRF tokens
Hackers can also try to weasel their way into your website via multiple pathways. A Cross Site Request Forgery attack, for example, exploits a vulnerability in a web application if it cannot differentiate between a request generated by an individual user and a request generated by a user without their consent. Kentico Xperience’s Anti Cross-Site Request Forgery (CSRF) uses tokens to validate requests and protect websites against CSRF vulnerabilities with no reduction in website performance.
Be confident in our quality testing and secure development processes
ISO 27001 security certified, Kentico Xperience regularly undergoes security testing and security-focused code reviews. We develop according to OWASP secure development principles and processes and respond quickly and efficiently to security vulnerabilities that may arise. We are also proud of our 7-day bug fixing policy, which not only means issues are fixed fast, but we also plant a tree for every bug found by one of our customers–helping you and our environment!
Beat the competition and start delivering results with the only digital experience platform that combines advanced capabilities, a short time to value, and ease of use.
Key platform features
Scalability and Performance
Deliver high-performance websites with the latest ASP.NET technology.
Speed up development with ASP.NET Core MVC and make marketers more productive with widgets.
Benefit from straightforward deployment and server maintenance. Create and synchronize multiple environments effortlessly.
Eliminate threats and secure your websites. Stay protected with Anti-CSRF tokens and create multiple security layers.
Deploy your websites in the cloud.
Publish content to any channel with a powerful headless API layer.
Extensibility and Customization
Extend the platform with your code. Add custom functionality and customize the user interface to fit specific use cases.