Whether it is the code we write, the software we use or the platform services we provide, security is always extremely important. We know that you rely on Sauce to help your developers deliver better software faster, and we are committed to protecting your investment. We’re SOC 2 Type 2 compliant and available to answer any security questions you may have.
Our commitment to security
Sauce Labs is a company built on community and trust; we firmly believe that transparency and honesty are the only ways to build and maintain that trust. At Sauce Labs, we promise to disclose all relevant information in the event of a security incident, however our first directive is to keep our customers secure and operational. In the event that disclosure may increase the risk to our customers, we ask for sufficient time to resolve the vulnerability before sharing the information.
Another aspect of community is the goal of contributing to the health of the group as a whole. Any individual or group that discovers and subsequently notifies Sauce Labs of a current or potential issue is fully credited for their contribution (unless requested otherwise).
Overview of Sauce Labs Security Processes
Sauce Labs provides a secure and scalable cloud computing platform for functional testing of web and mobile apps located in world-class data centers in North America and Europe.
Having our own cloud enables us to provide our services faster, and with higher security, than can be delivered on a public cloud with shared resources.
SOC 2 Type 2 Compliant
Sauce Labs is SOC 2 Type 2 compliant. Please contact your account manager to initiate a request for this report or email Sauce Labs. You can also immediately download a copy of our SOC 3 report.
Technical and Organizational Measures
To ensure trust in its professional services, Sauce Labs has implemented a number of technical and organizational measures. This summary will provide an overview of what is being done at Sauce Labs to protect information as well as technical infrastructure.
Sauce Connect Proxy™ Security Overview
Sauce Connect Proxy™ is a built-in HTTP proxy server that allows users to access Sauce Labs infrastructure from their local environment or behind a corporate firewall. This extra layer of security ensures that no sensitive data is exposed, and allows Sauce users to securely test their web and mobile applications.
Compliance certifications and attestations
SOC 2 Type 2
Trust Services Principles
SOC 3 Report
Service Organization Controls
See Something, Say Something
If you believe you've found a potential security issue, we want to ensure the correct members of our team are alerted as soon as possible. We will respond to your security-related query within one (1) business day. If you have not received a response, please ensure that any communication from Sauce Labs is not in junk-mail or spam-filters.
How do I track my submission? What is the process?
Upon submission of an issue, it will be evaluated and reproduced to validate the bug. You will receive a response notifying you that we are working on the issue, and will get back to you shortly. The vulnerability will be categorized, ranked and prioritized. At that time you will receive a follow up email with the expected resolution time. A blog post will be created crediting the submitter (unless requested otherwise), and a link to the blog post will be archived on this page.
