Start your security review
View & download sensitive information
Search items
Welcome to the Druva Information Security Portal. Here you will find details on our Information Security Program that you may need to evaluate and keep informed about Druva Information Security.
The Druva information security program is led by Yogesh Badwe, CSO. The team is responsible for the following areas:
- Governance, Risk & Compliance
- Attestations, Certifications & Authorizations (SOC-2, HIPAA, FedRAMP, ISO-27001)
- Security Operations & Cloud Security
- Incident Response, Vulnerability Management, Penetration Testing, SIEM
- Application Security
- Security Reviews within CI/CD Pipeline, Threat Modeling, SAST, DAST
- Security.Assurance
- Third Party Risk Management
The Druva security program has been formalized and staffed continuously for more than the past 5 years. Druva has held continuously SOC-2 attestation and FedRAMP authorization for more than 4 years running.
If you think you may have discovered a vulnerability, please send us a note.