Security at Ostorlab

Security Program Highlights

SOC2 Type II Certification

Ostorlab is SOC2 Type 2 Certified, a widely recognized auditing standard designed to ensure that service providers are implementing sufficient controls to protect the security, privacy, and availability of their customers' data.

Achieving SOC2 certification is a significant milestone for Ostorlab, as it demonstrates our commitment to providing our customers with the highest levels of security and data protection. The certification serves as an independent validation of our security posture and provides assurance to our customers that we are following industry best practices.

Data encryption

Your data is always encrypted at rest and in transit to and from our platform. We use Google Cloud Key Management service to manage encryption keys using hardware security modules for maximum security in line with industry best practices.

Hosting

Ostorlab is hosted using Google Cloud Platform services to offer the best guarantee possible in terms of physical and infrastructure security.

Platform's availability

Ostorlab's availability SLA is 99.5% and our Recovery Point Objective is 6 hours.

We ensure business continuity and disaster recovery through the concept of “availability zones” and geographical distribution offered by cloud infrastructure.

Security controls

Our Security assurance program combines 100+ security controls across the organization, including continuous automated scanning as well as a Bug Bounty program and a Responsible Vulnerability Disclosure Policy.