Assurance Process


xMatters has relentlessly pursued a robust and mature privacy & security program. We are already ISO 27001:2013 certified and are in process of obtaining SOC 2 Type II and SOC 3 reports. xMatters also conducts continuous monitoring by means of:

  • Internal audits
  • Privacy regulations compliance
  • External audits
  • Managing risks

Audit results are available to share under established NDA and all findings are tracked to resolution.

Vulnerability Management and Penetration testing

xMatters continuously assesses our infrastructure and applications for vulnerabilities and remediates those that could impact the security of customer data. For further assurance and in the interests of being transparent, xMatters conducts the following via independent external vendors:

  • Application vulnerability testing
  • Infrastructure-level vulnerability scanning
  • Penetration testing

We also understand the privacy concerns of our users and strong privacy practices are critical to our mission. See our privacy notice for more info on how we continuously strive to achieve the highest privacy posture for our customers.