Hosting Security

PortlandLabs is the founder and maintainer of Concrete CMS (concrete5). For security information for that open source project please visit

To report a security vulnerability in the Open Source Concrete CMS (concrete5) please submit a report here.  

We know our hosting clients care deeply about privacy and data security. Hence, we follow industry best practices to keep the sites we host for you secure! The following are only some of the many things you get when you host with us: 

  • 24/7 monitoring and alerting 

  • AWS Infrastructure configured to meet CIS benchmarks and AWS Best Practices. 

  • All data encrypted at rest and in transit!

  • Infrastructure access restricted to FIPS 140-2 MFA and least privilege 

  • Firewalls and DDOS protection

  • Intrusion detection and file integrity monitoring  

  • Annual Independent Penetration Testing 

  • Annual Incident and Disaster Recovery Testing with Backup Restoration!

  • Rigorous Security and Change Management Program!


Need more details? Ask us to send you our Privacy and Security Overview.