Trust, security,and privacy.
At the core of our mission. Your organization's data always remains confidential, secure, and entirely owned by you—across all our products and platforms.
Independent third-party audits confirm our controls align with industry standards.
Your data, protected.
We take data privacy seriously. Here's our commitment to protecting your information.
Your Data Stays Yours
By default, we do not use data from enterprise, business, or API customers for training or improving our models.
No Mixing of Data
Complete tenant isolation ensures your data is never accessible to other customers or mixed in any way.
Confidential & Secure
Your organization's data always remains confidential, secure, and entirely owned by you.
Enterprise Commitment: By default, we do not use data from Insight Sentinel Enterprise, Business, or our API platform—including inputs or outputs—for training or improving models.
Military-grade encryption.
Your data is protected by the strongest encryption standards available.
Encryption at Rest
All data encrypted using AES-256. Keys managed through hardware security modules (HSM).
Encryption in Transit
TLS 1.2+ for all communications between customers, Disruptive Rain, and service providers.
Enterprise Key Management
Control your own encryption keys for an additional layer of security and compliance.
Strict Access Controls
Rigorous controls limit who can access data, following principle of least privilege.
Security by design.
Security is built into our products and infrastructure from the start.
Zero-Trust Architecture
Security is built into products and infrastructure from the start. Every request is verified.
Defense in Depth
Multiple layers of security controls protect against sophisticated threats.
Supply Chain Security
Software development lifecycle ensures security is designed in from inception.
Continuous Monitoring
Automated alerts and manual investigation processes address suspicious activity.
Independently verified.
Third-party audits confirm our security practices meet the highest standards.
SOC 2 Type II
In ProgressWorking toward independently audited controls for security, availability, and confidentiality.
HIPAA
In ProgressWorking toward full compliance with healthcare data protection requirements.
GDPR
In ProgressWorking toward complete alignment with EU data protection regulations.
ISO 27001
In ProgressWorking toward information security management system certification to international standards.
Additional Certifications
Data Retention Controls
We offer flexible data retention options to help you stay compliant with your regulatory, industry, and contractual requirements.
Configurable Retention
Qualifying organizations can configure how long we retain business data.
Zero Retention Option
API platform customers can opt for zero data retention policy.
Data Deletion
Complete data erasure upon request with verified deletion confirmation.
Always vigilant.
Our security operations team monitors and protects your data around the clock.
24/7 Security Team
On-call security rotation 365 days a year for potential security incidents.
Automated Detection
Automated alerts and investigation processes for suspicious activity.
Enterprise Access Management
IT teams can manage users and permissions effectively.
Explore more.
Learn about our comprehensive approach to safety and transparency.
Questions about security?
Our security team is here to help. Request audit reports, discuss compliance requirements, or schedule a security review.