Trust Center

Get full access to this Trust Center
  • Review all security details
  • Unlock documents
  • Submit security questionnaires
  • Ask for more information
Had access before? Reclaim access

Overview

SafeBase helps B2B SaaS companies close enterprise deals faster by streamlining the security assessment process. We take security seriously and have a dedicated internal security team. Our security team's controls and policies are detailed on this Security Portal. Email us at security@safebase.io if you have any additional questions not answered by this Portal.

Compliance

CCPA Logo
CCPA
CSA STAR Logo
CSA STAR
GDPR Logo
GDPR
SOC 2 Logo
SOC 2
Get full access to this Trust Center
  • Review all security details
  • Unlock documents
  • Submit security questionnaires
  • Ask for more information
Had access before? Reclaim access

SafeBase is reviewed and trusted by

LinkedInLinkedIn
JamfJamf
SnykSnyk
CrossbeamCrossbeam
PostmanPostman
AutomoxAutomox
SentrySentry
SplitSplit
InstacartInstacart
28 Documents
VSA Full
SIG Core
CAIQ
SOC 2
Pentest Report
Network Diagram
CSA STAR
CAIQ Lite
SIG
SIG Lite
VSA Core
Cyber Insurance
Acceptable Use Policy
Access Control Policy
Asset Management Policy
Backup Policy
Business Continuity Policy
BYOD Policy
Data Classification Policy
Encryption Policy
General Incident Response Policy
Information Security Policy
Internal and External Communication Policy
Password Policy
Physical Security
Risk Management Policy

Risk Profile

Data Access LevelInternal
Impact LevelModerate
Recovery Time Objective< 24 Hours
See more

Product Security

Role-Based Access Control
Audit Logging
Integrations
See more

Reports

Network Diagram
Pentest Report
Security Whitepaper

Self-Assessments

CAIQ
CAIQ Lite
SIG
See more

Data Security

Access Monitoring
Backups Enabled
Data Erasure
See more

App Security

Responsible Disclosure
Software Development Lifecycle
Credential Management
See more

Access Control

Data Access
Logging
Password Security

Infrastructure

Anti-DDoS
BC/DR
Google Cloud Platform
See more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management

Network Security

Firewall
IDS/IPS
Spoofing Protection

Corporate Security

Employee Training
HR Security
Incident Response
See more

Policies

Acceptable Use Policy
Access Control Policy
Asset Management Policy
See more

Security Grades

SecurityScorecard
safebase.io
A
ImmuniWeb
app.safebase.io
A
Qualys SSL Labs
Main API Endpoint
A+
Landing Page
A
See more

Trust Center Updates

SafeBase SOC 2 Type 2 Report Available for Download

SafeBase's SOC 2 Type 2 report for the 12 month monitoring period ending in May 2022 is now available to request and download from our Trust Center.

Published at 07/28/2022, 7:27 PM

New Subprocessor Added: Flatfile

This is a notification that we have added a new Subprocessor:

Name: Flatfile

Location: United States

Website: https://flatfile.com/

Purpose: We have updated our Knowledge Base to use an updated version of Flatfile's data importer with additional features. This version requires server side processing. The previous version of Flatfile ran client side only. Note that this will only affect customers who import files into the SafeBase Knowledge Base. If you do not currently use this feature, this will not affect your usage of the SafeBase platform at this time.

DPA signed: Yes

Published at 06/30/2022, 3:15 PM

SafeBase update on Okta

While the SafeBase product allows customers to authenticate using Okta, we ourselves do not use Okta internally. As a result, at this point in time, we do not have any reason to believe we were affected. Please reach out to us at security@safebase.io if you have any further questions or concerns.

Kevin Qiu

Director of Information Security

SafeBase

Published at 03/22/2022, 3:26 PM

Notable Customers Added to SafeBase's Security Portal

As a part of a recent release, we have updated our Security Portal with a list of notable customers who are using SafeBase's Smart Trust Center to proactively build trust and improve sales cycles.

All SafeBase vendors now have the ability to add their own trusted customers to their Security Portal to help instill additional confidence with prospective buyers.

Reach out to support@safebase.io with any questions!

Published at 03/08/2022, 7:51 PM

Security Update - Log4j

As you may have seen in the news over the weekend, a recent major security vulnerability was discovered with the popular logging utility Log4j.

After reviewing our logs, communicating with our vendors, and reading all the information that is publicly available as of Tuesday, December 28, 2021, we have no reason to believe that any SafeBase internal or customer data has been affected at this point in time. Should this change, we will communicate this to you as soon as we are able to.

As it stands, none of our code is written in Java, nor do we use any Apache tools throughout our entire tech stack.

As an additional reminder, our Subscribe feature is available as a means to send updates such as these to customers. You can Subscribe to SafeBase updates yourself at the top of this Security Portal. In the near future, we will be releasing a new feature in which you will be able to post a public notice about high impact breaches such as this one.

Please feel free to reach out to us at security@safebase.io if you have any questions or concerns.

Published at 12/28/2021, 4:18 PM

If you think you may have discovered a vulnerability, please send us a note.