Skip to content

Security and Compliance at Omnistrate

Omnistrate delivers enterprise-grade security and compliance for your SaaS products across all deployment channels. Our platform is designed to help you implement robust security controls, maintain governance, and meet industry standards with ease.

Our Security Practices

  • SOC2 Type II Compliance: Omnistrate's control plane is SOC2 Type II compliant. We have documented and implemented all required controls to help you accelerate compliance for your SaaS product. For more details, see our Type I and Type II press releases.
  • Penetration Testing: We conduct regular penetration tests and make reports available upon request to ensure ongoing security and risk mitigation.
  • Vulnerability Reporting: If you discover a security issue or vulnerability, please contact us at security@omnistrate.com. We will coordinate with you to securely address and resolve any concerns.

Key Security Features

  • Permissions: Permissions required to access your and your customers' cloud accounts, following minimum privilege principles
  • Role-Based Access Control (RBAC): Enforce security policies to restrict access to resources and actions based on user roles and organizational context
  • Secrets Management: Secure handling of sensitive configuration
  • Custom Networks: Network isolation and VPC integration
  • SSO Integration: Enterprise authentication and identity management
  • Operational Status Page: Communicate real-time status to your users
  • Audit Logs: Track user actions and system events across your SaaS products for accountability and compliance.

Compliance Resources

The resources in this section are designed to help you create and certify your own self-service portal, ensuring it meets industry security and compliance standards.

  • SOC2 for your control plane: Accelerate SOC2 compliance for your SaaS product using Omnistrate's certified control plane and documented controls.
  • Security questionnaire: Access a common compliance questionnaire report, including resources like the AWS FTR checklist, to streamline your review process.
  • Pen test report: Review details about our penetration testing program. If you require a custom report, please contact support@omnistrate.com for assistance.

Reporting Security Issues

Note

If you have a security concern or believe you have found a vulnerability in any part of our infrastructure, please contact us at security@omnistrate.com. We will work with you to coordinate the secure exchange of sensitive information.