Security Portal

Get access to this Security Portal
  • Review sensitive security details
  • Unlock documents
  • Submit security questionnaires
  • Ask for more information
Had access before? Reclaim access

Overview

Split follows extensive practices to track and protect your data as it moves through Split’s services.

Compliance

CCPA Logo
CCPA
GDPR Logo
GDPR
ISO 27001 Logo
ISO 27001
Privacy Shield Logo
Privacy Shield
SOC 2 Logo
SOC 2
Get access to this Security Portal
  • Review sensitive security details
  • Unlock documents
  • Submit security questionnaires
  • Ask for more information
Had access before? Reclaim access

Documents

All
Public
Private
12 Documents
Network Diagram
Pentest Report
Security Whitepaper
SOC 2 Report
ISO 27001
SOC 2
CAIQ
Cyber Insurance
Data Processing Agreement

Risk Profile

Data Access LevelRestricted
Impact LevelModerate
Recovery Time Objective< 12 Hours
See more

Product Security

Role-Based Access Control
Audit Logging
Data Security
See more

Reports

Network Diagram
Pentest Report
SOC 2 Report
See more

Self-Assessments

CAIQ

Data Security

Access Monitoring
Backups Enabled
Data Erasure
See more

App Security

Responsible Disclosure
Code Analysis
Software Development Lifecycle
See more

Legal

Subprocessors
Cyber Insurance
Data Processing Agreement
See more

Access Control

Data Access
Logging
Password Security

Infrastructure

Anti-DDoS
Amazon Web Services
Infrastructure Security
See more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management
See more

Network Security

DNSSEC
Firewall
IDS/IPS
See more

Corporate Security

Email Protection
Employee Training
Incident Response
See more

Security Grades

Qualys SSL Labs
Web Application
A+
API
A+
SDK
A+
Events
A+
Auth
A+
Telemetry
A+
Integration Service
A+

Trust Center Updates

Split's Response to the 2022 OpenSSL 3.0.x Vulnerabilities

On November 1, 2022, the OpenSSL Project published two high-severity vulnerabilities (CVE-2022-3602 and CVE-2022-3786). Any version between 3.0.0 and 3.0.6 of OpenSSL is affected. The initial guidance, as published, is users should expedite the upgrade to version 3.0.7 to reduce the impact of this threat.

At this time, we’ve found that our public-facing endpoints are not affected by these vulnerabilities. We also continue to monitor the U.S. government Cybersecurity & Infrastructure Security Agency (CISA) guidance on these vulnerabilities.

Published at 11/04/2022, 3:32 PM

Split has earned the ISO 27001 certification

We’re pleased to announce that Split has earned the ISO 27001 certification.

ISO 27001 certification is an important milestone that further demonstrates Split’s dedication to best-in-class security and compliance while operating at a global scale.

ISO 27001 was developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to standardize the process for establishing, implementing, operating, monitoring, reviewing, and maintaining an information security management system (ISMS).

Split’s platform provides an always-on and highly secure feature flagging and feature experimentation service. From the beginning we have designed our infrastructure and practices with security as a top priority. The ISO 27001 certification validates our commitment to this principle.

To request a copy of Split’s ISO 27001 certificate, visit the Split Security Portal.

Published at 03/05/2022, 10:41 PM