Whether it is the code we write, the software we use or the platform services we provide, security is always extremely important. We know that you rely on Sauce to help your developers deliver better software faster, and we are committed to protecting your investment. We’re SOC 2 Type 2 and ISO 27001 certified and available to answer any security questions you may have.
Our commitment to security
Sauce Labs is a company built on community and trust; we firmly believe that transparency and honesty are the only ways to build and maintain that trust. At Sauce Labs, we promise to disclose all relevant information in the event of a security incident, however our first directive is to keep our customers secure and operational. In the event that disclosure may increase the risk to our customers, we ask for sufficient time to resolve the vulnerability before sharing the information.
Another aspect of community is the goal of contributing to the health of the group as a whole. Any individual or group that discovers and subsequently notifies Sauce Labs of a current or potential issue is fully credited for their contribution (unless requested otherwise).
Overview of Sauce Labs Security Processes
Sauce Labs provides a secure and scalable cloud computing platform for functional testing of web and mobile apps located in world-class data centers in North America and Europe and the Google Cloud Platform.
By providing both private and public cloud options our customers enjoy the security, scalability and efficiencies of choosing the option that best meets their own security and business requirements.
SOC 2 Type 2 Certified
Sauce Labs is SOC 2 Type 2 certified. Please contact your account manager to initiate a request for this report or email Sauce Labs.
Technical and Organizational Measures
To ensure trust in its professional services, Sauce Labs has implemented a number of technical and organizational measures. This summary will provide an overview of what is being done at Sauce Labs to protect information as well as technical infrastructure.
Sauce Connect Proxy™ Security Overview
Sauce Connect Proxy™ is a built-in HTTP proxy server that allows users to access Sauce Labs infrastructure from their local environment or behind a corporate firewall. This extra layer of security ensures that no sensitive data is exposed, and allows Sauce users to securely test their web and mobile applications.
Compliance certifications and attestations
See Something, Say Something
If you believe you've found a potential security issue, we want to ensure the correct members of our team are alerted as soon as possible. We will respond to your security-related query within one (1) business day. If you have not received a response, please ensure that any communication from Sauce Labs is not in junk-mail or spam-filters.
How do I track my submission? What is the process?
Upon submission of an issue, it will be evaluated and reproduced to validate the bug. You will receive a response notifying you that we are working on the issue, and will get back to you shortly. The vulnerability will be categorized, ranked and prioritized. At that time you will receive a follow up email with the expected resolution time. A blog post will be created crediting the submitter (unless requested otherwise), and a link to the blog post will be archived on this page.
