SOC 2 compliance
The Software data platform is fully SOC 2 compliant. We partner with Drata, a continuous compliance platform, to monitor our security posture on an ongoing basis.
We never read, transmit, or store source code. We do not edit or modify code or files.
We request minimum permissions and use read-only API calls to analyze GitHub metadata while keeping your data private.
We encrypt all data at rest in databases, backups, and storage. All data processing, transformations, and queries are done without ever being able to see sensitive data.
We keep your data safe with zero trust architecture and processes. We secure access to all databases with StrongDM, which provides a zero trust, credential-free way to access databases, servers, and infrastructure.
The Software data platform is fully SOC 2 compliant. We partner with Drata, a continuous compliance platform, to monitor our security posture on an ongoing basis.
Our GitHub integration only collects metadata about your organization’s activity. We never read, transmit, or store source code. Some of the APIs we request permissions to access include:
After the initial sync, our app subscribes to ongoing GitHub webhook events to provide you with real-time insights. Some examples of the events that we subscribe to include:
You can learn more about the data we collect and the permissions we request on our GitHub integration's information page.
Our mission is to uphold the integrity of your data through state of the art security and industry best practices. We securely store, process, and analyze your data so that you can use the Software platform with confidence.