Assurance Process


xMatters has relentlessly pursued a mature privacy & security program. We are ISO 27001:2013, ISO 27701:2019 and ISO 22301:2019 certified, we meet AICPA SOC 2 Audit Standard, and we have SOC 3 report publicly available. xMatters also conducts continuous monitoring by means of:

  • Internal audits
  • Privacy regulations compliance
  • External audits
  • Managing risks

Audit reports, including SOC 2, are available under established NDA.

Vulnerability Management and Penetration testing

xMatters continuously assesses our infrastructure and applications for vulnerabilities and remediates those that could impact the security of customer data. For further assurance and in the interests of being transparent, xMatters conducts the following via independent external vendors:

  • Application vulnerability testing
  • Infrastructure-level vulnerability scanning
  • Penetration testing

We also understand the privacy concerns of our users and strong privacy practices are critical to our mission. See our privacy notice for more info on how we continuously strive to achieve the highest privacy posture for our customers.