Release Logo

Security at Release

Release is SOC 2 Type 2 Certified

Our commitment to security is validated through rigorous third-party audits and compliance certifications.

Vanta Compliance SOC 2 logo

Our Commitment

At Release, security is not just a feature - it's a fundamental principle that guides everything we do. We understand that our customers trust us with their development environments and data, and we take this responsibility seriously.

Infrastructure Security

Secure Architecture

Our platform is built on a foundation of security-first principles, utilizing industry best practices and modern security architectures to protect your data and environments.

Data Isolation

Each customer's environments and data are completely isolated using advanced containerization and networking technologies. This ensures that there is no cross-contamination between different customer environments.

Cloud Security

We leverage enterprise-grade cloud infrastructure with:

  • Automated security patches and updates
  • Regular security audits and penetration testing
  • 24/7 infrastructure monitoring
  • Comprehensive logging and alerting systems

Data Protection

Data Encryption

  • All data is encrypted in transit using TLS 1.2+
  • Data at rest is encrypted using industry-standard AES-256 encryption
  • Secure key management using AWS KMS

Access Controls

  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • Regular access reviews and audit logging
  • Principle of least privilege enforcement

Compliance

SOC 2 Type 2 Certified

We maintain SOC 2 Type 2 certification, demonstrating our commitment to:

  • Security
  • Availability
  • Processing Integrity
  • Confidentiality
  • Privacy

Regular Audits

Our security practices are regularly audited by independent third parties to ensure compliance with industry standards and best practices.

Security Features

Environment Security

  • Isolated development environments
  • Secure access controls
  • Network security policies
  • Regular security scanning

Application Security

  • Automated vulnerability scanning
  • Dependency security monitoring
  • Container security
  • Code security analysis

Incident Response

24/7 Monitoring

Our security team monitors our infrastructure around the clock for any potential security issues.

Rapid Response

We maintain a comprehensive incident response plan that includes:

  • Immediate threat containment
  • Thorough investigation
  • Customer notification
  • Post-incident analysis and improvements

Security Practices

Employee Security

  • Background checks for all employees
  • Regular security training
  • Security awareness programs
  • Access management procedures

Vendor Management

  • Thorough vendor security assessments
  • Regular vendor security reviews
  • Contractual security requirements
  • Vendor access monitoring

Reporting Security Issues

We take security issues seriously. If you discover a potential security issue, please notify us immediately at security@release.com.

Updates and Notifications

We continuously update our security measures to address new threats and vulnerabilities. Customers are notified of significant security updates through:

  • Email notifications
  • Platform announcements
  • Security advisories
  • Regular security bulletins

Contact Us

For security-related questions or concerns, please contact our security team:

  • Email: security@release.com
  • Response time: Within 24 hours for non-critical issues
  • Immediate response for critical security issues