Trust, security,and privacy.
At the core of our mission. Your organization's data is handled as confidential information and remains under your control across our products and platforms.
SOC 2 Type I readiness is in progress while we continue implementing and documenting core security controls.
Your data, protected.
We take data privacy seriously. Here's our commitment to protecting your information.
Contract-Governed Data Use
Customer data handling is governed by the applicable product terms, privacy notices, and customer agreements.
No Mixing of Data
Tenant isolation is designed to keep customer data separated from other organizations.
Confidential & Secure
Your organization's data is handled as confidential information and remains under your control.
Enterprise Commitment: By default, we do not use data from Insight Sentinel Enterprise, Business, or our API platform—including inputs or outputs—for training or improving models.
Military-grade encryption.
Your data is protected by the strongest encryption standards available.
Encryption at Rest
Encryption protections are applied to stored data across supported deployments.
Encryption in Transit
Encryption protections are applied to customer and service communications.
Key Management Planning
Key-management requirements are reviewed during solution design for qualifying deployments.
Strict Access Controls
Rigorous controls limit who can access data, following principle of least privilege.
Security by design.
Security is built into our products and infrastructure from the start.
Zero-Trust Architecture
Security is built into products and infrastructure from the start. Every request is verified.
Defense in Depth
Multiple layers of security controls protect against sophisticated threats.
Supply Chain Security
Software development lifecycle ensures security is designed in from inception.
Continuous Monitoring
Automated alerts and manual investigation processes address suspicious activity.
Readiness underway.
We are actively implementing and documenting controls for SOC 2 Type I readiness while strengthening the broader security program.
SOC 2 Type I
In ProgressWe are actively implementing and documenting controls in preparation for a future SOC 2 Type I audit. SOC 2 Type II is planned after those controls have operated for the required period.
Security Program Focus Areas
Data Retention Controls
We offer flexible data retention options to help you stay compliant with your regulatory, industry, and contractual requirements.
Configurable Retention
Qualifying organizations can configure how long we retain business data.
Zero Retention Option
Retention requirements are scoped by product, deployment, and agreement terms.
Data Deletion
Data deletion workflows are available upon request, subject to product and agreement terms.
Always vigilant.
Our security operations team monitors and protects your data around the clock.
Security Coverage
Monitoring and incident-response processes are in place for potential security events.
Automated Detection
Automated alerts and investigation processes for suspicious activity.
Enterprise Access Management
IT teams can manage users and permissions effectively.
Explore more.
Learn about our comprehensive approach to safety and transparency.
Questions about security?
Our security team is here to help. Request security documentation, discuss compliance requirements, or schedule a security review.