Security
Platform Security Overview
Our operations are designed with security in mind, from our handling of sensitive customer data, such as vulnerabilities, to our code release, upgrade, patch management, and operational security practices. These incorporate relevant security, policy, and evaluation frameworks such as OWASP, ISO 27001, and the NIST 800 series, along with other best practices and meaningful standards.
Certifications & Third-Party Attestations
ISO 27001 is the international standard that describes best practice for an information security management system (ISMS), a systematic approach to managing confidential information so that it remains secure.
Synack complies with the U.S.-E.U. and U.S.-Swiss Privacy Shield frameworks as set forth by the U.S. Department of Commerce (the “Privacy Shield”) regarding the collection, use, and retention of personal data (as defined by the Privacy Shield) from the European Union and Switzerland. To learn more about the Privacy Shield principles of Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement, please visit https://www.privacyshield.gov/welcome.
See our Privacy Shield certification by clicking here.
Responsible Disclosure
To report a security vulnerability, please visit synack.responsibledisclosure.com.
A successful submission may result in an invitation to join the Synack Red Team.