SOC 2 Compliance & Certification - TestRail

TestRail SOC 2 Compliance & Certification

TestRail has robust security measures and controls embedded into our processes and procedures. We take this responsibility to our customers seriously, especially since more than 10,000 organizations like NASA, Apple, Microsoft, Activision Blizzard, and Amazon trust TestRail to power their QA and test management processes. Our customers can rest assured knowing their information is secure and always available.

In addition to regular internal reviews, we undergo independent, third-party audits to verify our security, privacy, and data management standards and achieve certifications of compliance, like Security and Organization Controls (SOC) reports.

About SOC 2 Certifications

SOC reports are independent, third-party reports on an organization’s procedures around security, availability, processing integrity, confidentiality, and privacy.

SOC 2 reports are based on the existing Trust Services Criteria (TSC) of the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA).

TestRail Security Practices

TestRail maintains compliance with SOC 2 auditing procedures and has received a SOC 2 Type 1 certification. To produce the SOC 2 report, all of TestRail’s control, security, and risk management processes are reviewed by an independent third-party auditing firm, including but not limited to:

  • 24/7 Proactive Monitoring: All our systems are continuously monitored for security, availability, and performance
  • SSL/HTTPS Encryption: Communication with our servers is securely encrypted using SSL, HTTPS, and TLS
  • Automatic Updates: Benefit from complete maintenance with automated system and application updates
  • Professional Data Centers: We exclusively use leading data center providers with excellent physical security controls
  • System & Data Backups: All our systems are regularly backed up for disaster recovery and system outages
  • Data Protection: We are bound to very strict German and European data protection laws
  • High Availability: Full redundancy of all important systems and world-class data connectivity
  • Database Isolation: Separation of customer data with database-level isolation and access permissions
  • Access Permissions: Fine-grained access control via system permissions, roles, and network addresses

To learn more about TestRail’s security processes or for other compliance-related information, visit our Policies & Procedures page or submit the contact request form below.
