Trust Center

Start your security review
View & download sensitive information
Search items
ControlK

Overview

Welcome to the Druva Information Security Portal. Here you will find details on our Information Security Program that you may need to evaluate and keep informed about Druva Information Security.

The Druva information security program is led by Yogesh Badwe, CSO. The team is responsible for the following areas:

  • Governance, Risk & Compliance
    • Attestations, Certifications & Authorizations (SOC-2, HIPAA, FedRAMP, ISO-27001)
  • Security Operations & Cloud Security
    • Incident Response, Vulnerability Management, Penetration Testing, SIEM
  • Application Security
    • Security Reviews within CI/CD Pipeline, Threat Modeling, SAST, DAST
  • Security.Assurance
    • Third Party Risk Management

The Druva security program has been formalized and staffed continuously for more than the past 5 years. Druva has held continuously SOC-2 attestation and FedRAMP authorization for more than 4 years running.

Compliance

CCPA Logo
CCPA
CSA STAR Level 1 Logo
CSA STAR Level 1
CSA STAR Level 2 Logo
CSA STAR Level 2
DESC Cloud Service Provider Logo
DESC Cloud Service Provider
FedRAMP Moderate Logo
FedRAMP Moderate
FIPS 140-2 Logo
FIPS 140-2
GDPR Logo
GDPR
HIPAA Logo
HIPAA
IRAP Logo
IRAP
ISO 27001 Logo
ISO 27001
SOC 2 Logo
SOC 2
StateRAMP Logo
StateRAMP

Druva, Inc. is reviewed and trusted by

NASA - National Aeronautics and Space Administration-company-logoNASA - National Aeronautics and Space Administration
Marriott International-company-logoMarriott International
Amgen-company-logoAmgen
Chipotle Mexican Grill-company-logoChipotle Mexican Grill
SoFi-company-logoSoFi
Coldwell Banker-company-logoColdwell Banker
Hitachi America-company-logoHitachi America
Brown-Forman-company-logoBrown-Forman
The Clorox Company-company-logoThe Clorox Company
A&O Shearman-company-logoA&O Shearman
Leica Microsystems-company-logoLeica Microsystems

Documents

Featured Documents

SELF-ASSESSMENTSCSA Level-1 CAIQ
REPORTSSOC 2 Report
REPORTSSOC 2 Bridge Letter
REPORTSHIPAA Report
COMPLIANCEISO 27001
POLICIESInformation Security Policy

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Architecture Diagram
Security Whitepaper
Pentest Report
View more

Self-Assessments

CSA Level-1 CAIQ

Legal

Cyber Insurance COI
Global Anti-Corruption Policy
Privacy Policy
View more

Policies

Business Continuity/Disaster Recovery (BC/DR) Policy
Incident Response Policy
Information Security Policy
View more

Security Grades

SecurityScorecard
Security Scorecard
Security Scorecard A grade
Qualys SSL Labs
Druva Cloud Platform Login
A+
inSync Endpoints
A+

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo