One of our clients want s to implement a BPM solution, but he asked about the security mechanism that is used to protect the Joget workflow from web attacks and other securit risks such as:-
1. protected against cross-site scripting and session stealing attacks
2. support Digital Signature that is be provided by a trusted Root CA
3. disaster recovery availability.
but unfortunately i did not find any documentation that talks about how these security requirements (if any) are implemented in Joget workflow.
Any help will be highly appreciated.
Best Regards