Deployment - Data Security, Performance & Vulnerabilities
  • 1 Minute To Read
  • Print
  • Dark

Deployment - Data Security, Performance & Vulnerabilities

  • Print
  • Dark

The Whatfix solution is developed using globally accepted security measures. In this section, we outline how each of them works.

Whatfix Data Security

Routine security review and testing are done as an inherent part of our software development to make sure there are no vulnerabilities in the application.

Whatfix maintains the following data security measures for its users:

  1. Whatfix export version is placed as a part of your web servers. It can attain the same level of security requirement as your other in-house products.
  2. The Whatfix JavaScript makes only GET requests (read-only requests) to your web servers. No external calls are made to any outside servers.

Whatfix JavaScript Architecture

After unzipping the compressed export file (.zip), your product team needs to integrate a single line Whatfix JavaScript from the extracted package into your application. Whatfix follows all the regular best practices in ensuring JavaScript security.

The design of Whatfix JavaScript ensures that:

  • Only GET requests (read-only requests) are made to your servers from Whatfix’s JavaScript
  • No calls are made from Whatfix’s JavaScript to any server except your server
  • No third party libraries are used/required to run Whatfix on your application
  • No need to have any specific libraries/software on your server. The unzipped file can be placed on any web server software
  • Seamless operations with your CDN

Whatfix Security & Deployment Architecture

Vulnerability Scans and Penetration Test

Whatfix performs regular security assessments, penetration tests, and vulnerability scans along with multiple rounds of reviews. These tests ensure that nothing gets overlooked and human mistakes are rectified on time.


In the case of a failover, you can serve Whatfix JavaScript from multiple servers and use CDN for distributing the content.


Whatfix has a negligible impact on the performance of your application because of the following:

  • The Whatfix JavaScript execution during page load takes approximately 25 milliseconds.
  • The Whatfix JavaScript file gets cached at the browser side and ensures that the user downloads it only once (first-time access).
  • The uncompressed Whatfix JavaScript is just 175KB in size, which is further reduced by a third when web browsers apply compression techniques.
Was This Article Helpful?