Security

We take security seriously at Sauce Labs

Whether it is the code we write, the software we use or the platform services we provide, security is always extremely important. We know that you rely on Sauce to help your developers deliver better software faster, and we are committed to protecting your investment. We’re SOC 2 Type 2 compliant and available to answer any security questions you may have.

Security saucebot

Our commitment to security

Sauce Labs is a company built on community and trust; we firmly believe that transparency and honesty are the only ways to build and maintain that trust. At Sauce Labs, we promise to disclose all relevant information in the event of a security incident, however our first directive is to keep our customers secure and operational. In the event that disclosure may increase the risk to our customers, we ask for sufficient time to resolve the vulnerability before sharing the information.

Another aspect of community is the goal of contributing to the health of the group as a whole. Any individual or group that discovers and subsequently notifies Sauce Labs of a current or potential issue is fully credited for their contribution (unless requested otherwise).

photo-home-hands-slack

Overview of Sauce Labs Security Processes

Sauce Labs provides a secure and scalable cloud computing platform for functional testing of web and mobile apps located in world-class data centers in North America and Europe.

Having our own cloud enables us to provide our services faster, and with higher security, than can be delivered on a public cloud with shared resources.

person working at a desk in Sauce Labs

SOC 2 Type 2 Compliant

Sauce Labs is SOC 2 Type 2 compliant. Please contact your account manager to initiate a request for this report or email Sauce Labs. You can also immediately download a copy of our SOC 3 report.

security at sauce labs

Technical and Organizational Measures

To ensure trust in its professional services, Sauce Labs has implemented a number of technical and organizational measures. This summary will provide an overview of what is being done at Sauce Labs to protect information as well as technical infrastructure.

woman working on sauce labs laptop

Sauce Connect Proxy™ Security Overview

Sauce Connect Proxy™ is a built-in HTTP proxy server that allows users to access Sauce Labs infrastructure from their local environment or behind a corporate firewall. This extra layer of security ensures that no sensitive data is exposed, and allows Sauce users to securely test their web and mobile applications.

Compliance certifications and attestations

Developer Saucebot

See Something, Say Something

If you believe you've found a potential security issue, we want to ensure the correct members of our team are alerted as soon as possible. We will respond to your security-related query within one (1) business day. If you have not received a response, please ensure that any communication from Sauce Labs is not in junk-mail or spam-filters.

Visual Saucebot

How do I track my submission? What is the process?

Upon submission of an issue, it will be evaluated and reproduced to validate the bug. You will receive a response notifying you that we are working on the issue, and will get back to you shortly. The vulnerability will be categorized, ranked and prioritized. At that time you will receive a follow up email with the expected resolution time. A blog post will be created crediting the submitter (unless requested otherwise), and a link to the blog post will be archived on this page.