xMatters has relentlessly pursued a mature privacy & security program. We are ISO 27001:2013, ISO 27017:2015 and ISO 271018:2019 certified, we meet AICPA SOC 2 Audit Standard, and we have SOC 3 report publicly available. xMatters also conducts continuous monitoring by means of:
- Internal audits
- Privacy regulations compliance
- External audits
- Managing risks
Audit reports, including SOC 2, are available under established NDA.
Vulnerability Management and Penetration testing
xMatters continuously assesses our infrastructure and applications for vulnerabilities and remediates those that could impact the security of customer data. For further assurance and in the interests of being transparent, xMatters conducts the following via independent external vendors:
- Application vulnerability testing
- Infrastructure-level vulnerability scanning
- Penetration testing
We also understand the privacy concerns of our users and strong privacy practices are critical to our mission. See our privacy notice for more info on how we continuously strive to achieve the highest privacy posture for our customers.