Build Trust with Cycode
Security is embedded in everything we do at Cycode. Working with Cycode means working with a partner who provides a secure solution that you can trust.
Safeguarding Sensitive Information
By verifying compliance with several standards, Cycode is proud to offer evidence and information about our controls. Our resource documents and mappings provide additional support for compliance, even when formal certifications or attestations are not applicable.
ISO 27001
Cycode is ISO27001 certified by a third party, managing information security risk in a way that complies with a robust design, implementation, and continuous monitoring framework.
Read MoreSOC2 Type II
Cycode has completed a full third-party SOC 2 Type II audit. An independent auditor has evaluated our product, infrastructure, and policies to certify that Cycode complies with their stringent requirements.
Read MoreCSA Star
Cycode has completed a CSA STAR Level 1 attestation. The CSA STAR Level 1 attestation confirms a cloud provider's self-assessment of security controls and documentation of security measures.
Read MoreEmpowering Guardians of Security
Embrace the Bug Bounty Challenge
Uncover Vulnerabilities, Elevate Defenses, and Secure Rewards with Cycode
Report NowData Security Matters Our Approach to Handling Your Information
Cycode is committed to protecting the privacy of our customers and preventing customer’s data from unauthorized access by implementing strong security and privacy frameworks, certified security and privacy controls, and industry best practices and standards.
We are also committed to GDPR compliance. Cycode's Engineering, Product, Security, and Legal teams are constantly working to align our procedures, documentation, contracts, and services to support compliance with the GDPR.
Compliance
Ensuring all new vendors, assets and activities pertaining to processing personal data are subject to a review of privacy, security, and compliance.
Privacy by Design
Ensuring personal data is properly collected, stored, and documented.
Retention
Retaining customer data only for the duration of the customer’s contract with a limited additional retrieval period for the benefit of our customers.
Data Transfers
Ensuring relevant processes are followed for transfers of personal data outside the European Union / UK. For more information, see our Privacy Policy here.
EU Rep and DPO
Designating MyEDPO as our DPO and EU Representative under Article 27 of the EU GDPR.
Data Protection Addendum
Providing all our customers with the opportunity to enter a Data Processing Addendum, for ensuring the protection and proper processing of their personal data.
Global or EU Data Regions
Offering our enterprise SaaS customers the ability to choose their data hosting locations, either EU data residency or Global (US) data residency, both hosted by the leading cloud providers – Amazon Web Services (AWS) and Google Cloud Platform (GCP).
Sub-Processor Info
Upon request or via our documentation, providing customers with information regarding affiliates and trusted third-party vendors that Cycode engages as sub-processors to support its services.
Government Requests
Cycode will only provide access to personal data in response to written authorized government requests when required to respond to valid binding and properly issued government processes that satisfy legal requirements.
Availability
Our customers can deploy on either public cloud or on private cloud and on-premises environments via our Cycode Enterprise Server offering. This gives our customers full control over their own resources, services, and data to meet the highest security and privacy standards.
Defense in Depth
To avoid a single point of failure, security is built in layers. At Cycode we have implemented many layers of defense to ensure the security of our customers’ data. 
This includes the following: Organizational Security, Cloud Security, Access Security, Vendor and Risk Management.
Transparency
The team at Cycode believes in transparency and provides full visibility into our privacy policies and agreements. Our privacy policy outlines our handling of personal data, its usage, and your rights related to it. 
Our subprocessor list provides a complete rundown of the third-party service providers we work with and the locations and services they provide.
Responsible disclosure
The security of our data is a crucial issue for Cycode, and we are confident that by collaborating with talented security researchers, we can detect and address any security weaknesses in our technology.
Contact Cycode’s security team directly at:
security@cycode.com