| Microservices are used to build the Patchworks platform - small, independent services that communicate with each other, allowing for flexibility, scalability, and easier maintenance. | microservices.png | ||
| API first is key for powerful integrations. Our next-generation dashboard is driven by powerful APIs which means we can integrate with any other API simply and seamlessly. | banner5 api.png | ||
| Cloud-native development facilitates our microservice architecture, Kubernetes deployments, DevOps infrastructure as code, and much more! | banner cloud.png | ||
| Headless is exactly what you'd expect for an API-first platform. The Patchworks backend is built with our own API, which is then consumed by the dashboard for general use. | headless.png |
| Kubernetes pod and node auto-scaling Ensure that integrations run consistently, even in the busiest times. See our auto-scaling page for more information. | banner1 k8s 2.png | ||
We use AWS RDS for all critical databases. Our databases have full redundancy with one ‘read’ and one ‘write’ copy of each. | banner2 rds 2.png | ||
| Each database copy is hosted in a separate availability zone so, in the unlikely event of a failure in one zone, we can fall back to the other. | banner 3 ha.png |
| Real-time logs (via web sockets) can be viewed while a process flow runs, with visibility of request, response and payload information at every step. | banner4 logs.png | ||
| Logs are retained for one month for retrospective problem-solving. | banner retention.png | ||
| Webhooks, events, and inbound API requests can all be tracked through the Patchworks Dashboard - you don’t need to be an engineer to figure out when/where execution errors occur. | banner monitor.png |
| We manage all API updates for our library of prebuilt connectors. | banner5 api.png | ||
| We take care of all supported authentication mechanisms (OAuth, token, API key, etc.). | banner6 auth.png | ||
| We've removed all the complexity when it comes to building and maintaining new integrations. | banner build.png |
| Our multi-tenant architecture means that customers have the benefits of shared software and infrastructure, secure in the knowledge that each customer's data is isolated and invisible to other tenants. | multi-tenancy-shared 2.png | ||
| Multi-tenancy provides a much faster solution, since we only search one set of data rather than everything - all database operations and secret storage is per-tenant. | multi-tenancy-search 2.png | ||
| Multi-tenancy allows flexibility for change - if necessary we can 'lift and shift' a tenant to a new database, or to a faster region, or even to a completely different cloud provider in a different continent! | multi-tenancy-change 2.png | ||
| Infrastructure updates are made via IaC (Infrastructure as Code). | banner7 iac.png | ||
| Infrastructure updates are peer-reviewed and authorised before being merged. | banner8 review.png | ||
| All production code flows through development and staging review cycles before release to production. | banner8 review.png | ||
| Every release must pass both automated and hands-on testing by our QA team. | banner 9 test.png |
| Product penetration testing is performed annually by an external, CREST-accredited organisation. | banner secure.png | ||
| Our Kubernetes nodes live in private subnets. | banner subnet.png | ||
| All key ingresses are IP whitelisted. | banner allow list.png | ||
| We adopt a 'least privilege' model for our development team, and also for users of our AWS and Kubernetes infrastructure. | least privilege.png | ||
| All key business systems must be accessed via a VPN | vpn.png | ||
| All staff use LastPass to generate and store strong passwords - 2FA access to LastPass is mandated. | lastpass.png |
| Access is managed via role-based permissions, so only authorised users can access integrations and data for their company profile(s). | banner role.png | ||
| Audit logs provide a complete history of all user account activity, including Patchworks users. | banner log.png | ||
| Users always control their own passwords - password resets are never performed on behalf of other users. | banner password.png | ||
| Single sign-on via Google is supported. | banner google.png |
