Druva, Inc. Logo

Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to the Druva Information Security Portal. Here you will find details on our Information Security Program that you may need to evaluate and keep informed about Druva Information Security.

The Druva information security program is led by Yogesh Badwe, CSO. The team is responsible for the following areas:

  • Governance, Risk & Compliance

    • Attestations, Certifications & Authorizations
      (SOC-2, HIPAA, FedRAMP, ISO-27001)

  • Security Operations & Cloud Security

    • Incident Response, Vulnerability Management, Penetration Testing, SIEM

  • Application Security

    • Security Reviews within CI/CD Pipeline, Threat Modeling, SAST, DAST

  • Security.Assurance

    • Third Party Risk Management

The Druva security program has been formalized and staffed continuously for more than the past 6 years. Druva has held continuously SOC-2 attestation and FedRAMP authorization for more than 5 years running.

Compliance

FedRAMP Certified Class C
SOC 2
ISO/IEC 27001
CSA STAR Level 2
GovRAMP
IRAP
HIPAA
DESC Cloud Service Provider
GDPR
CCPA
FIPS 140-2
CSA STAR Level 1
PCI DSS
NIST 800-171 Rev. 3

Druva, Inc. is reviewed and trusted by

EXL
NASA - National Aeronautics and Space Administration
Marriott International
SoFi
Regeneron
Hitachi America
Brown-Forman
The Clorox Company
ZS
Leica Microsystems

Documents

Featured Documents

REPORTSSOC 2 Bridge Letter
REPORTSSOC 2 Report
COMPLIANCEISO/IEC 27001
SELF-ASSESSMENTSCSA Level-1 CAIQ
POLICIESInformation Security Policy

Product Security

Reports

Self-Assessments

Legal

Policies

Security Grades

BC/DR

If you think you may have discovered a vulnerability, please send us a note.
Report issue
Built onSafeBase by Drata Logo