Safeguarding critical assets and customer data is a top priority at Saviynt. We emphasize layered defenses through a robust set of controls, and we adopt industry best-practices to securely design and operate our platform. We have governance structures and programs in place continually elevate our security and privacy posture, and we work closely with our Compliance, Legal, and Privacy teams to ensure effective governance. As we continue to strengthen our security posture, it is equally important to us that we transparently share aspects of our security controls with our customers, to instill confidence and make our customers aware of our defenses in the face of a continuously emerging threat landscape. We make these available to our customers via our Trust Portal. You can find current versions of our security artifacts and reports, including our latest compliance certifications such as ISO 27001, ISO 27017, FedRAMP, PCI-DSS, SOC 1, SOC 2, IRAP, to name a few. Authorized customer users can request access to these artifacts through the Trust Portal. As other examples, we transparently share aspects of our Incident Response Process, Security Bulletins, Product Security, and Data Security on the Trust Portal. The content will continue to evolve, and additional updates will be released over the next few months. If you have questions on how to navigate the Trust Portal, or have feedback for us to further improve the content or your experience in navigating through the Portal, please drop us a note at infosec@saviynt.com and a member of the Information Security team will respond.
Saviynt is aware of the global outage affecting Microsoft Windows systems, that were caused by CrowdStrike related updates. Saviynt systems are not affected by this issue and we have not experienced any outages. We continue to monitor the situation as part of our ongoing Cyber Defense activities.
Date: May 22, 2024 Saviynt, a leading provider of cloud-native identity and governance platform solutions, announced that it has voluntarily committed to the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design pledge. It is among one of the first 100 companies that pledges to enhance product security within a year, alongside industry giants like AWS, Microsoft, IBM, and Google. This move further validates Saviynt’s commitment to power and protect the world at work.
For more details on Saviynt's commitment to secure by design, please refer to the press release: Saviynt Signs CISA's Secure by Design Pledge
Saviynt provides important information about security vulnerabilities that may affect some products and services, through Security Bulletins, which we will make available to our customers through the Trust Portal. These bulletins allow us to provide information, remediation strategies, and updates. Bulletins may be issued even when there is no impact to our customers, or when no action needs to be taken the part of customers, and serve as informational updates to our customers. Please refer to updates in the preceding sections.
We are thrilled to announce the launch of our Trust Center! At Saviynt, we believe in transparency and building trust with our customers. The Trust Center is designed to provide our customers with a secure and streamlined way to access information about our security program, making it easy to stay updated and find the information they need. If you want to learn more, visit our Trust Center and sign up for our Trust Center Updates to stay informed about everything related to our security
We're pleased to announce that we recently completed our ISO 27001, ISO 27017 and SOC 1 & SOC 2 audits! As such, our updated ISO certificates and SOC reports are now available.
We are proud to announce that Saviynt is officially PCI-DSS (Payment Card Industry Data Security Standards) certified.
If you need help using this Trust Center, please contact us.
If you think you may have discovered a vulnerability, please send us a note.