Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items

Overview

Welcome to the OpenContext Security Portal. As a provider of tools that materially improve the security context for our customers, our priority is to maintain safe and secure products that our customers can trust.

OpenContext is continually investing in our overall information security program, resources, and expertise.

As a service provider, we understand the importance of providing clear information about our security practices, tools, resources, and responsibilities within OpenContext so that our customers can feel confident in choosing us as a trusted service provider.

Compliance

CCPA Logo
CCPA
GDPR Logo
GDPR
Start your security review
View & download sensitive information
Ask for information

Documents

Data Processing Agreement

Risk Profile

Data Access Level
Impact Level
Recovery Time Objective
View more

Product Security

Integrations
Role-Based Access Control
SSO Support

Reports

We may provide security-related reports upon request.

Self-Assessments

SIG Lite

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Responsible Disclosure

Access Control

Data Access

Infrastructure

Anti-DDoS
Data Center
Firebase
View more

Endpoint Security

Disk Encryption
Mobile Device Management

Network Security

DNSSEC
Virtual Private Cloud

Corporate Security

Email Protection
HR Security
Internal SSO

Policies

We are currently working with experts to put together our company policies. Please contact us for more details.

Security Grades

Qualys SSL Labs
OpenContext Corporate web site
A
OpenContext Client Portal
A+
OpenContext Application
B
OpenContext Security Portal
A
Security Headers
OpenContext Application
A

Trust Center Updates

OpenContext’s Response to the 2022 OpenSSL 3 Vulnerabilities

IncidentsCopy link

After a careful review of our codebase, infrastructure, and context manifests, the OpenContext team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.

Additional response from Google - https://cloud.google.com/openssl-security-advisory

As an additional reminder, our Subscribe feature is available as a means to send updates such as these to customers. You can Subscribe to OpenContext security updates yourself at the top of this Security Portal. Please feel free to reach out to us at security@opencontext.com if you have any questions or concerns.

Published at N/A

Security Update - Log4j

IncidentsCopy link

Security Update - Log4j

As you may have seen in recent news, a recent major security vulnerability was discovered with the popular logging utility Log4j.

After reviewing our software context manifests, architecture, logs, communicating with our vendors, and reading all the information that is publicly available as of January 2022, we have no reason to believe that any OpenContext internal or customer data has been affected at this point in time. Should this change, we will communicate this to you as soon as we are able to.

As it stands, none of our code is written in Java, nor do we use any impacted tooling throughout our entire tech stack.

As an additional reminder, our Subscribe feature is available as a means to send updates such as these to customers. You can Subscribe to OpenContext security updates yourself at the top of this Security Portal.

Please feel free to reach out to us at security@opencontext.com if you have any questions or concerns.

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo