Logging is the unsung hero of enterprise operations—quietly saving the day, one log line at a time. Imagine trying to maintain successful applications without knowing what’s happening inside them. This would be like flying a plane blindfolded at night, in a storm, with no instruments. Spoiler alert: Neither scenario would end well! Today’s distributed systems […] The post Optimizing Enterprise…
#security compliance
10 posts
13 May 2025
3 Aug 2023
We re-enabled payments to Heroku in India! At the start of August, we resumed accepting credit and debit cards issued by Indian financial institutions. From the engagement on our public roadmap, we know that there are many developers in India eager to get back on the platform. We want to address the work done to […] The post Heroku Card…
20 Jul 2023
Summary Subdomain reuse, also known as subdomain takeover, is a security vulnerability that occurs when an attacker claims and takes control of a target domain. Typically, this happens when an application is deprecated and an attacker directs residual traffic to a host that they control. As of 14 June 2023, we changed the format of […] The post Security Improvement:…
12 Apr 2021
Customer Trust is our highest priority at Salesforce and Heroku. It’s more important than ever to implement stronger security measures in light of increasing security threats that could affect services and apps that are critical to businesses and communities. We’re pleased to announce that all Heroku customers can now take advantage of the security offered […] The post Enhancing Security:…
29 Aug 2018
Seccomp (short for security computing mode) is a useful feature provided by the Linux kernel since 2.6.12 and is used to control the syscalls made by a process. Seccomp has been implemented by numerous projects such as Docker, Android, OpenSSH and Firefox to name a few. In this blog post, I am going to show […] The post Applying Seccomp…
23 Aug 2018
Today we are proud to announce that Heroku has achieved several important compliance milestones that provide third party validation of our security best practices: ISO 27001 Certification: Widely recognized and internationally accepted information security standard that specifies security management best practices and comprehensive security controls following ISO 27002 best practices guidance. ISO 27017 Certification: A […] The post Announcing ISO…
21 Jun 2018
Today we are pleased to announce general availability of Heroku Shield Connect, the latest addition to our lineup of Heroku Shield services. Heroku Shield, announced last year, enabled new capabilities for Dynos, Postgres databases and Private Spaces that make Heroku suitable for high compliance environments such as those that fall under the Health Insurance Portability […] The post Announcing General…
6 Jun 2017
Today we are happy to announce Heroku Shield, a new addition to our Heroku Enterprise line of products. Heroku Shield introduces new capabilities to Dynos, Postgres databases and Private Spaces that make Heroku suitable for high compliance environments such as healthcare apps regulated by the Health Insurance Portability and Accountability Act (HIPAA). With Heroku Shield, […] The post Introducing Heroku…
10 Sept 2015
Apps are at the heart of modern businesses, and are important assets that need a secure platform geared for compliance and security. We launched Heroku Enterprise earlier this year with this in mind and today we are excited to announce the beta of Heroku Identity Federation for Heroku Enterprise customers. This feature unifies the login […] The post Integrated security…
9 Jul 2015
In February, we announced Heroku Enterprise, with collaboration and management capabilities for building and running your app portfolio in a governable and secure way on Heroku. We also introduced fine-grained access controls with app privileges as a beta feature. Today, we are pleased to announce general availability of this feature: Heroku Enterprise accounts are now […] The post Managing apps…