Overview
SafeBreach maintains an Information Security Program to ensure all computer and data communication systems' confidentiality, integrity, and availability while meeting the necessary legislative, industry, and contractual requirements.
SafeBreach policies, procedures, and standards are based on the International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) 27001 and the American Institute of Certified Public Accountants (AICPA) Service Organization Control (SOC) 2. In addition, we use an independent third-party body to periodically audit our compliance with leading industry standards.
Compliance



Documents
Risk Profile
Product Security
Reports
Self-Assessments
Data Security
App Security
Legal
Access Control
Infrastructure
Endpoint Security
Network Security
Corporate Security
Policies
Security Grades

Trust Center Updates
Hi all, As you may be aware, the OpenSSL Project is announcing a critical vulnerability in OpenSSL 3,0 and above. We took steps to review our SBOM and are not using the affected libraries in our environment. All SafeBreach platforms are running OpenSSL 1.1.1. We will be monitoring the OpenSSL Project announcement to see if we need to apply any patches to our current environment.
Your security is our top priority.
Avishai Avivi CISO | SafeBreach
We are pleased to announce that we have received our SOC 2 Type II report from EY. Customers with NDA can access and download a copy of the report from this portal.
The SafeBase security portal has been updated.
If you think you may have discovered a vulnerability, please send us a note.