Trust Portal

Start your security review
View & download sensitive information
Ask for information

Overview

We follow a rigorous information security program, vendor risk assessment program and an incident response plan. r2c is founded on the principle of bringing the power and security of SDLC to the rest of the developer community. Every single member of the team is trained and fully committed to SDLC policy. We have a dedicated security team with 4 engineers and a security and compliance officer.

Core tenets of our security program include:

-Security awareness training -Defined security requirements -Defined metrics for acceptable risk -Threat modeling -Use of modern crypto libraries -Securing 3rd party dependencies -CI/CD pipeline with code review from a peer for every PR -Static analysis on every PR -Unit/integration tests

Compliance

SOC 2 Logo
SOC 2
GDPR Logo
GDPR
Start your security review
View & download sensitive information
Ask for information

Semgrep is reviewed and trusted by

GitLabGitLab
SlackSlack
DropboxDropbox
ShopifyShopify
CheggChegg
SnowflakeSnowflake

Documents

Network Diagram
SOC 2 Report
Third-party Annual Pentest
SOC 2
CAIQ Lite
Cyber Insurance
Data Processing Agreement
Access Control Policy
Asset Management Policy
Business Continuity Policy
Data Security Policy
Encryption Policy
General Incident Response Policy
Information Security Policy
Other Policies
Physical Security
Risk Management Policy
Software Development Lifecycle

Risk Profile

Data Access Level
Impact Level
Critical Dependence
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Network Diagram
SOC 2 Report
Third-party Annual Pentest

Self-Assessments

CAIQ Lite

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Responsible Disclosure
Code Analysis
Credential Management
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Status Monitoring
Amazon Web Services
BC/DR
View more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management
View more

Network Security

Firewall
IDS/IPS
Security Information and Event Management
View more

Corporate Security

Email Protection
Employee Training
HR Security
View more

Policies

Access Control Policy
Asset Management Policy
Business Continuity Policy
View more

Trust Center Updates

Powered bySafeBase Logo