Security Portal

Start your security review
Search items

Overview

We know source code is one of your most sensitive assets. Every component of Sourcegraph was designed with security as our top priority. This Trust Center details our comprehensive security program, where you can find information and request access to documents to validate our security measures.

Security is woven into the fabric of everything we build at Sourcegraph. Our code AI platform demonstrates our continued commitment to empowering developers with the tools for your devs to do their best work while safeguarding what matters most—your source code.

Compliance

CCPA Logo
CCPA
GDPR Logo
GDPR
SOC 2 Logo
SOC 2
Start your security review

Sourcegraph is trusted by

Reddit-company-logoReddit
Dropbox-company-logoDropbox
Uber-company-logoUber
Databricks-company-logoDatabricks
Indeed-company-logoIndeed
Nutanix-company-logoNutanix
Plaid-company-logoPlaid
Canva-company-logoCanva
Pentest report
SOC 2
CAIQ
CIS
VSA Full
Data processing agreement
Disaster recovery & business continuity
MSA Security Exhibit

Product Security

Audit logging
Data security
Integrations
View more

Data Security

Access monitoring
Backups enabled
Data erasure
View more

App Security

Responsible disclosure
Code analysis
Container security
View more

Access Control

Least privileged access model
Logging
Password security

Infrastructure

Anti-DDoS
Disaster recovery & business continuity
Google Cloud Platform
View more

Endpoint Security

Disk encryption
Mobile device management & device trust
Threat detection

Network Security

Firewall
IDS/IPS
Security information & event management
View more

Corporate Security

Asset management practices
Email protection
Employee training
View more

Policies

Acceptable use policy
Access control policy
Backup policy
View more

Security Grades

HSTS Preload List
sourcegraph.com
ImmuniWeb
sourcegraph.com
Qualys SSL Labs
Sourcegraph.com

Knowledge Base

  • Is multi-currency supported? Please list currencies.
  • Do you have any limit that needs to be stated explicitly to customers on the your acceptable usage policies or licensing rights?
  • Provide a copy of Sourcegraph's data processing agreement. DPA
  • What security detection and response features do you have implemented on your email applications and is it integrated into your SOAR system? (Reference Endpoint Protection tab]
  • Have you applied SPF, DKIM and DMARC to your email system?
View more

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo