Trust Center

Start your security review
Search items
ControlK

Overview

Rootly has implemented best-in-class security practices to keep customer data safe and operates in the most regulated markets.

100s of global organizations from fast growing startups to F500 trust Rootly to be their incident management solution of choice.

Contact: security@rootly.com

Compliance

CCPA Logo
CCPA
GDPR Logo
GDPR
SOC 2 Logo
SOC 2

Rootly is reviewed and trusted by

Cisco-company-logoCisco
Canva-company-logoCanva
Grammarly-company-logoGrammarly
Wealthsimple-company-logoWealthsimple
Faire-company-logoFaire
Poshmark-company-logoPoshmark
Shell-company-logoShell
Cypress.io-company-logoCypress.io
Rivian-company-logoRivian
Squarespace-company-logoSquarespace
NVIDIA-company-logoNVIDIA

Documents

Featured Documents

REPORTSPentest Report
REPORTSSOC 2 Report

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Pentest Report
SOC 2 Report

Data Security

Access Monitoring
Data Backups
Data Erasure
View more

App Security

Responsible Disclosure
Code Analysis
Credential Management
View more

Legal

Cyber Insurance
Data Processing Agreement
Master Services Agreement
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Anti-DDoS
BC/DR
View more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management

Network Security

Data Loss Prevention
Security Information and Event Management
Zero Trust

Corporate Security

Email Protection
Employee Training
Incident Response
View more

Policies

Acceptable Use Policy
Access Control Policy
Asset Management Policy
View more
Trust Center Updates

CVE-2024-3094

Copy link
Vulnerabilities
April 2, 2024

After careful review of our infrastructure and SBOM, the Rootly team has determined that we are not currently vulnerable to the xz Vulnerability CVE-2024-3094 that were disclosed on March 29th, 2024.

CVE-2023-34362

Copy link
Vulnerabilities
July 17, 2023

After careful review of our infrastructure and SBOM, the Rootly team has determined that we are not currently vulnerable to the MOVEit Transfer Critical Vulnerability CVE-2023-34362 that were disclosed on June 16th, 2023.

CVE-2022-3602 & CVE-2022-3786

Copy link
Incidents
November 2, 2022

After careful review of our infrastructure and SBOM, the Rootly team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.

CVE-2022-21449

Copy link
Incidents
May 16, 2022

None of our services are running Java 15, 17, and 18 so this vulnerability (CVE-2022-21449) is not exploitable on our side.

If you think you may have discovered a vulnerability, please send us a note.
Report issue
Built onSafeBase by Drata Logo