Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Overview

Welcome to Coralogix's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.

Compliance

SOC 2 Type 2 Logo
SOC 2 Type 2
ISO/IEC 27001 Logo
ISO/IEC 27001
ISO/IEC 27701 Logo
ISO/IEC 27701
ISO/IEC 27017 Logo
ISO/IEC 27017
ISO/IEC 27018 Logo
ISO/IEC 27018
PCI DSS v4.0.0 Logo
PCI DSS v4.0.0
GDPR Logo
GDPR
HIPAA Logo
HIPAA
DORA Logo
DORA
EU-US DPF Logo
EU-US DPF
CCPA Logo
CCPA
EU AI Act Logo
EU AI Act

Coralogix is reviewed and trusted by

Curve-company-logoCurve
Imperva-company-logoImperva
WSC Sports-company-logoWSC Sports
CoinDCX-company-logoCoinDCX
Razorpay-company-logoRazorpay
Armis-company-logoArmis
Yotpo-company-logoYotpo
MasterClass-company-logoMasterClass
Tradeweb-company-logoTradeweb
Payoneer-company-logoPayoneer
PUMA-company-logoPUMA
monday.com-company-logomonday.com

Documents

REPORTSData Flow Diagram (DFD)
REPORTSHIPAA Report
REPORTSNetwork Diagram
REPORTSPCI DSS
REPORTSPentest Report
REPORTSSOC 2 Report
REPORTSSOC-2 Bridge Letter - May 2025
COMPLIANCEDORA
COMPLIANCEGDPR
COMPLIANCEHIPAA
COMPLIANCEISO/IEC 27001
COMPLIANCEISO/IEC 27017

Risk Profile

Third Party DependenceYes
HostingMajor Cloud Provider

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

BAA
Data Flow Diagram (DFD)
HIPAA Report
View more

Self-Assessments

CAIQ
VSA Core

Data Security

Access Monitoring
Certificates of Destruction
Data Backups
View more

App Security

Responsible Disclosure
Application Penetration Testing
Code Analysis
View more

AI

AI Governance
AI Risk Management
AI Usage Training

ESG

Anti-Bribery and Corruption
Anti-Competitive Practices
Anti-Modern Slavery
View more

Legal

Subprocessors
Cyber Insurance
Data Processing Agreement
View more

Data Privacy

Cookies
Data Breach Notifications
Data Privacy Officer
View more

Access Control

Access Log Management
Data Access
Internal Single-Sign-On (SSO)
View more

Infrastructure

Status Monitoring
Amazon Web Services
Anti-DDoS
View more

Endpoint Security

Anti-Malware
Endpoint Detection & Response
Threat Detection

Network Security

DNSSEC
Firewall
IDS/IPS
View more

Corporate Security

Asset Management Practices
Employee Training
HR Security
View more

Policies

Access Control Policy
Business Continuity/Disaster Recovery (BC/DR) Policy
Incident Response Policy
View more

Incident Response

Designated Response Personnel
Incident Reporting Process
Pager Service

Risk Management

Data Access/Impact Levels
Risk Assessments
Supply Chain Risk Management

Asset Management

Asset Inventories (Hardware/Software)
IT Asset Management (ITAM) Program
Secure Asset Disposal

BC/DR

Business Continuity Plan (BCP)
Disaster Recovery Plan (DRP)
Failover/High Availability
View more

Training

Employee Privacy Training
Phishing Training
Role-Based Training
View more

Physical & Environment

Access Monitoring
Alarms & Surveillance
Physical Access Security

Continuous Monitoring

Automated Alert Response
Data Loss Prevention System (DLP)
Event & Audit Log Management
View more
Trust Center Updates

SOC 2 Control Bridge letter – May 2025

Copy link
Compliance
We have uploaded a SOC 2 Bridge Letter to our Trust Center, covering the period following the end of our recent SOC 2 Type II report. This letter affirms that:
  1. The controls evaluated during our last SOC 2 audit remain in place and operate effectively.
  2. No material changes have occurred in the control environment besides mitigation activities noted in the report.
  3. No control failures or security incidents have occurred that would compromise our systems' integrity or reliability.
This interim attestation ensures continuity of trust and transparency until the next SOC 2 report is finalized. We anticipate publishing the updated SOC 2 Type II report in the coming months and will provide an update once it is available.

Sub-processors Update

Copy link
Subprocessors

Coralogix will be adding Zendesk, Superhuman, GCP and Azure to Authorized Subprocessors List

We will be adding Zendesk, Superhuman, Microsoft Azure and Alphabet's GCP to our list of authorized sub-processors.
  • Zendesk: will be used to manage customer support communications for Snowbit.
  • Superhuman: will be used to streamline email communication workflows.
  • Azure: will be used in the context of our AI Center.
  • GCP: will be used as a hosting provider (only for customers who wish to be hosted there).
These subprocessors were assessed and approved according to our internal vendor risk management and data protection policies. We remain committed to transparency and to upholding the highest standards of security and privacy.
Built onSafeBase by Drata Logo