Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

SafeBreach maintains an Information Security Program to ensure all computer and data communication systems' confidentiality, integrity, and availability while meeting the necessary legislative, industry, and contractual requirements.

SafeBreach policies, procedures, and standards are based on the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001 and the American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) 2. In addition, we use an independent third-party body to periodically audit our compliance with leading industry standards.

SafeBreach-company-logoSafeBreach
ServiceNow-company-logoServiceNow
Pepsi-company-logoPepsi
Regeneron-company-logoRegeneron
PayPal-company-logoPayPal
Experian-company-logoExperian
Deloitte-company-logoDeloitte

Documents

Featured Documents

COMPLIANCEISO 27001
Trust Center Updates

Happy Holidays from SafeBreach - Information Security Policy Update

General
Copy link

The entire SafeBreach team would like to take a moment to wish you a wonderful and peaceful holiday season. We hope you enjoy this time with your loved ones and stay safe.

In line with our ongoing commitment to maintaining the highest security standards, we would also like to inform you that, following our Information Security Policy, SafeBreach's security policies have been thoroughly reviewed and updated. These updates have been reviewed and approved by our Executive Security Committee to ensure they continue to meet the ever-evolving needs of our organization and our valued partners. For you convenience, we have created a policy digest available here: https://security.safebreach.com/item/digest

Thank you for your continued trust and support. We look forward to working with you in the coming year to strengthen our security practices and keep our systems and information safe.

Wishing you a secure and joyous holiday season!

Warm regards,

Avishai Avivi CISO | SafeBreach

Published at N/A

2024 SOC 2 Type II report now available

Compliance
Copy link

We are pleased to announce that we have received our SOC 2 Type II report from EY. Customers with NDA can access and download a copy of the report from this portal.

Published at N/A

SafeBreach response to newly found OpenSSH Server (CVE 2024-3094)

Vulnerabilities
Copy link

Hi all,

To follow up, I am pleased to confirm that all SafeBreach machines have been patched with the correct version of the OpenSSH library to guarantee that they are no longer vulnerable. It's important to note that none of these environments were vulnerable to an attack from outside, and we've taken this extra step as a precaution and exercise of best practices.

Thank you,

Avishai Avivi CISO | SafeBreach

Published at N/A

Hi all,

SafeBreach is tracking the newly released information about the OpenSSH server component (CVE-2024-6387). While SafeBreach is running the impacted component, our hosted customer consoles are not vulnerable. We do not allow outside connections to the SSH service on these machines. All internal access to these machines is tightly controlled and monitored.

As always, your security is our paramount concern. We will keep an eye on any further developments on this issue,

Avishai Avivi CISO | SafeBreach

Published at N/A

SafeBreach response to XZ backdoor (CVE 2024-3094)

Vulnerabilities
Copy link

Hi all,

SafeBreach is tracking the newly released information about the XZ backdoor. We have searched through the SBOM of our images and associated dependencies. We can confirm that we are not using any vulnerable version of the impacted library (5.6.0 and 5.6.1) or any package with an inherited dependency on said libraries.

As always, your security is our paramount concern. We will keep an eye on any further developments on this issue,

Avishai Avivi CISO | SafeBreach

Published at N/A

2023 ISO 27001:2013 certificate available

Compliance
Copy link

We are pleased to announce that we have received our ISO 27001:2013 certificate from The Standards Institution of Israel. Customers with NDA can access and download a copy of the certificate from this portal.

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo