Build and deliver frontend experiences fast, with intuitive visual editing tools.
A low-code content management solution for non-technical teams.
AI-powered site search. Surface content from any source or in any format.
Build and deliver dynamic forms in minutes, with a visual form builder.
Deliver instant, AI-generated answers that guide site visitors to their next steps, while maintaining complete control.
An integration platform to connect your systems, data and content together.
AI chatbot with a governance interface. Secure, personalized support, without hallucinations.
Maximize the impact of your content and drive successful conversions.
Easily build and deploy web components across all your sites, at scale.
Centralize and manage customer data for personalization and analysis.
Deliver experiences the way users expect – consistently, securely, and lightning-fast.
Unify and manage your entire tech stack from a secure, centralized AI-Powered Platform.
Transform your digital citizen experience.
Create meaningful student lifecycle journeys.
Attract and retain clients with personalized experiences.
Accessible experiences that customers demand.
Hit campaign goals and make data-driven decisions.
Skip the developer queue to build pages and forms.
Audit, pilot and scale at speed, without major project work.
Make every event easily discoverable across your channels.
Bring your solution to life with expert partners in strategy, design and development.
Unify your systems, content, data and workflows with Squiz Digital Experience.
Upgrade to Matrix 6 (SaaS) and get the full benefits of Squiz's new content authoring experience.
Log in to access partner resources.
Let's grow together. Join our partner network.
Explore our network of agencies and implementation partners.
Discover all our pre-built integrations to popular services, or build your own.
Supercharge your DXP with components, templates, extensions, and more.
Speed up your development, get answers, and discover new DXP functionalities.
Join the discussion, share your experience and get help from other DXP users.
Your go-to place to get hands-on experience and deepen your DXP knowledge.
Submit a suport ticket or contact our 24/7 global support team.
Read the latest articles on all things digital.
Success stories from our amazing clients.
Watch on-demand and register for upcoming online sessions.
We're focused on delivering the best product in the market. See what's ahead.
Squiz (we or our ) and our customers (you or your) share responsibility for security and compliance. The following model distinguishes the responsibilities.
The responsibility line is drawn at a high level between Squiz looking after the underlying environment and platform, and customers looking after the data and application built on the DXP.
Squiz
Squiz provides a secure platform that adheres to the security principles and requirements of privacy regulations within local jurisdictions including GDPR, the Australian Privacy Act, the New Zealand Privacy Act and applicable US privacy legislation as a processor of your information.
The DXP provides features customers can use to send the right notifications, review information and correct information within the platform as required.
Customer
The data you collect using your implementation on the Squiz DXP remains your property, and you remain responsible for this data.
This includes adhering to legal and regulatory requirements for collection, correction, removal, integrity and providing your users with information about their data.
Squiz provides professional and managed services to support our customers in application creation and maintenance.
Where a customer uses a professional service to help build a solution, Squiz is responsible for ensuring the security until the application is live, at which time customers take ownership.
Where customers have signed up for additional managed services, additional security measures may apply as agreed with each customer.
Squiz does not have access to customer applications unless a customer explicitly grants permission to provide support.
Applications built and served from the DXP are truly your application.
Customers are responsible for ensuring that any libraries and code they introduce to their sites and applications that do not use the Squiz components are patched and updated.
The DXP allows you to integrate your access to the platform and your built applications with your own Identity Provider (IdP) using SAML.
You manage your own access to your applications and platform, making sure these practices conform to your own security requirements using the DXP comprehensive permissions model.
Squiz does not scan for vulnerabilities in customer solutions hosted on the DXP.
Squiz diligently manages vulnerabilities across our platform; however, it is your responsibility to ensure your application remains free of vulnerabilities. To facilitate this, we enable you to configure your own vulnerability scanning on your application instances. Ensure you provide us with at least 14 days’ notice before initiating your scans, along with relevant details to help us disable our security alerts and prevent any mistaken response to your scanning as a hostile attack.
Squiz does not perform PEN tests on customer solutions hosted on the DXP but does perform PEN tests on our platform.
As with vulnerability scans, Squiz performs PEN tests on our platform, but conducting PEN tests on your application instance remains your responsibility. This may be because of a regulatory requirement or just good practice, but we welcome customers to commission PEN tests on their web application instances. With 14 days’ notice through our support function, we will make sure we do not react to this test while it is being conducted.
Cloudflare CDN, WAF and DDoS protection are integrated parts of the Squiz DXP.
Squiz implements WAF-managed lists, managed rules and rate limiting as baseline configuration on all new implementations and works with customers to apply these features to existing sites.
Squiz offers Cloudflare Bot Management as an add-on for sites on the DXP.
Squiz analyses and monitors events as part of our DXP operations and incident response.
As a customer you may manage your own domains and DNS, have a corporate network and other non-Squiz hosted applications and capabilities, and have a current CDN or WAF for a legacy Squiz or other system implementation. The Squiz DXP requires the use of the Squiz Cloudflare capabilities, as this is built in as part of the platform. Squiz allows customers to have their own Cloudflare instance, within Orange to Orange implementations, but other CDN services may require special considerations to work with the DXP.
You also have to provide Squiz input to allow the most effective WAF capability, for example, which IP ranges are deemed safe and which friendly bots you may have.
The Squiz DXP is a web-based platform, and communication security is managed on the application layer. The system is not reliant on direct network protocols and communication to function.
Squiz relies on AWS to provide the underlying layers, using AWS native capability to control ingress and egress to the services we provide, using AWS security groups, application load balancers and API gateways.
Customers have to provide specific networking requirements as part of system design, that is implemented on the DXP if appropriate.
Squiz manages access to our infrastructure to manage, configure and support the DXP and customer applications hosted on the DXP.
Access is centralised using our IdP, using role-based permissions.
Customers do not manage identities and access to underlying infrastructure and are responsible for managing access to their DXP administrative console and applications only.
Squiz conducts third-party PEN tests on our platform annually. Detected vulnerabilities are reported and remediated according to our vulnerability and patch management process.
Squiz infrastructure also uses AWS Inspector, to continuously detect vulnerabilities at run time.
Squiz uses automated vulnerability scans as part of our CICD pipelines, ensuring vulnerability-free code is deployed to all changes to the DXP.
Customers are not responsible for PEN tests and vulnerability scans of components of the DXP. Customers can request executive summaries of Squiz annual PEN tests for assurance purposes.
The DXP is an “As-a-Service” platform that allows customers to build web applications and serve their users’ digital experiences.
Squiz is responsible for providing a secure platform to our customers and managing the security of our underlying environment.
Squiz uses key third parties to provide the DXP and perform vendor risk assessments regularly ensuring these vendors subscribe to the same security practices we do.
Customers are responsible for using the DXP securely by not introducing vulnerable code or libraries within their implementation hosted on the DXP.
Squiz maintains the operational environment on which the DXP runs, ensuring secure baselines are used to serve the DXP, and all operating systems and dependencies are patched and up to date.
Customers are not responsible for patching and updating the underlying environment or the DXP itself.
Squiz maintains all computers and other resources used to run the DXP. This includes performance monitoring, capacity and autoscaling to ensure enough resources are available for the DXP to serve customer solutions.
Customers are not responsible for any compute capability and resources used to host solutions on the DXP.
Squiz maintains all databases and storage technology used in the DXP, ensuring the protection of data at rest, data separation, data access, and data backups to recover from events and incidents.
Squiz does not provide data archival capability or long term data retention to customers as part of the default XP capability.
Where customers have any additional data archiving or long-term retention requirements beyond high availability and resiliency, customers are responsible for including these requirements during system design or working with Squiz if these requirements change.
Squiz manages the underlying network, connecting Cloudflare to the AWS environment hosting the DXP. The underlying network uses AWS for all low-level networking capabilities and manages ingress and egress rules using AWS Security groups and Host-based IP tables where appropriate.
Squiz manages the proxy settings and custom hostnames in Cloudflare on behalf of our customers. Squiz also manages CloudflareTLS certificates for customers who do not use their own, and any communications Cloudflare workers use to communicate with the DXP.
Customers do not have direct responsibilities related to the underlying network of the DXP.
If a customer manages its own DNS, the customer is responsible for working with Squiz to ensure the entries point to the correct endpoints, and for maintaining their own domain names.
Customers who manage their own TLS certificates are responsible for working with Squiz to ensure they are renewed and updated.
Squiz manages our key third-party providers used to provide the DXP to our customers.
The hardware layers are managed by our trusted third parties, the most notable being AWS and Cloudflare.
Squiz manages the cloud infrastructure used to host the DXP and customer systems.
DXP customers do not manage any hardware, or the cloud providers used to provide the DXP services.
Squiz has a robust incident management process and is responsible for detecting, responding, eradicating and recovering from incidents affecting the DXP and underlying services used to host the DXP.
This includes communicating with customers about detected incidents that are affecting their solutions hosted on the DXP. Squiz provides online status of events notifications and will contact customers directly as part of incident response if they are targeted by cyber attacks or incidents that affect their solutions.
Customers are responsible for reporting any incident to Squiz support that may affect their solutions hosted on the DXP and for working with Squiz as part of the incident. Although Squiz actively monitors the state of all systems hosted, we welcome any threat intelligence from our customers, as incident management is a truly shared responsibility.
Customers may also monitor the uptime of their own solutions and work with Squiz to ensure the best service levels.
Squiz manages all vulnerabilities in the DXP and Cloud infrastructure used to host the DXP.
This includes including left-side security as part of design, using automated tools to scan for code vulnerabilities, and using up-to-date golden images to deploy Infrastructure as Code.
This includes using AWS Inspector to monitor and detect vulnerabilities on the right side at run time.
Customers do not have a responsibility to manage vulnerabilities on the DXP on underlying cloud infrastructure.
Squiz is responsible for maintaining ISO 27001 certification and adherence to the SOC 2 framework. These internationally recognized frameworks govern Squiz's security through our ISMS.
Squiz undergoes third-party audits against the frameworks.
Squiz provides security assurance in the form of ISO 27001 certificate and Statement of Applicability (SoA), relevant SOC 2 reports, Cyber Essentials certificates, assertions as part of our CSA STAR CIAQ and third-party GRC assertions as appropriate to customer requests.
Squiz provides executive summaries of third-party penetration tests of the DXP as requested by customers.
Customers are responsible for compliance and assurance for their solutions hosted on the DXP and for working with Squiz to ensure security assurance requirements are met.