Certifications & Compliance
Industry-recognized security standards
SOC 2 Type II
Annual audit of security, availability, and confidentiality controls.
CertifiedISO 27001
Information security management system certification.
CertifiedGDPR Compliant
Full compliance with EU General Data Protection Regulation.
CompliantCyber Essentials Plus
UK government-backed certification for cyber security.
CertifiedSecurity Practices
How we protect your data
Encryption
All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Encryption keys are managed using industry-standard key management services.
Infrastructure
Our infrastructure is hosted on enterprise-grade cloud providers with SOC 2 certification. We use multiple availability zones for high availability.
Access Control
Strict role-based access control (RBAC) ensures employees only access data necessary for their role. All access is logged and audited.
Regular Audits
We conduct regular security audits, penetration tests, and vulnerability assessments by independent third parties.
Incident Response
Our security team operates 24/7 with documented incident response procedures. Customers are notified promptly of any security incidents.
Secure Development
Our development practices include code reviews, static analysis, dependency scanning, and security training for all engineers.
Responsible Disclosure
We appreciate the work of security researchers who help us maintain the security of our platform. If you discover a vulnerability, please report it to our security team.
Report a Vulnerability
Please send vulnerability reports to security@openseye.com. Include as much detail as possible, including steps to reproduce the issue.
We commit to responding within 48 hours and will keep you informed of our progress. We do not pursue legal action against researchers who follow responsible disclosure practices.