Technical and organizational
Cobrowse.io maintains a formal security program in accordance with industry standards (ISO 27001 and SOC 2) designed to ensure the confidentiality, integrity, and availability of the Cobrowse Software and all processing of Licensee data.
If you are an interested party and would like to know more about our information security management system, please reach out to security@cobrowse.io. Please download our ISO 27001-2013 Certificate here.
Third party penetration tests, ISO 27001 certification audits, and SOC 2 compliance audits are conducted annually and reports are available upon request.
Subprocessors and other third parties with access to Licensee data are reviewed during initial onboarding and annually thereafter to ensure compliance with the Cobrowse.io ISMS policies.
System and application logs are stored centrally, and protected against unauthorized access, modification, and deletion.
Logs are monitored regularly for software issues, unauthorized access, and other anomalies.
All Licensee data is encrypted both at rest and in transit using AES-256 or stronger and TLS 1.2+.
The Cobrowse.io Software and all systems storing or processing Licensee data are scanned regularly for security patches, vulnerabilities, and malware.
If you are a security researcher and believe you have found a security vulnerability, Cobrowse.io supports responsible disclosure of material vulnerabilities by emailing security@cobrowse.io.