SECURITY, PRIVACY AND CONTROL

Your secure code is private.
Arnica is your trusted partner.

Arnica Security Value
why trust arnica

Security that meets the highest industry standards

Compliance & Certifications

Protection symbol logo
SOC 2 Type 2
The components of the Arnica platform are SOC 2 Type 2 compliant. Arnica undergoes a SOC 2 Type 2 examination of our security controls against the AICPA defined standards on an annual basis with a third party audit firm to ensure the security of our platform and its supporting infrastructure.
Protection symbol logo
ISO 27001
ISO 27001 is a globally recognized standard for the establishment and certification of an Information Security Management System (ISMS). Our entire information security program is built on the ISO 27001 framework and we complete re-certification and surveillance audits annually.

Security best practices

Infrastructure security
Hosted on a leading cloud infrastructure provider (AWS) with complete network and perimeter protection.
Customer data protection
Logical tenant separation, encryption in-transit (TLS 1.2, TLS 1.3) and encryption at-rest (AES 256).
External security assessment
Security education and awareness training. 24x7 monitoring and incident response. Vendor risk management.
Disaster recovery
Built on the ISO 27001 framework, coupled with the robustness of the AWS infrastructure, Arnica's platform supports a multi-site disaster recovery plan, processes and framework.
99.9% uptime
Built on the ISO 27001 framework, coupled with the robustness of the AWS infrastructure, Arnica's platform provides the highest level of of uptime support.

Learn more about Arnica's security posture

Privacy Policy
The official source for all things data privacy at Arnica.
Legal Overview
Your one single source location for the terms of use for the Arnica platform.
Data Handling
This article explains what Arnica does with the data ingested from your DevOps tools.

Frequently Asked Questions

Where is Arnica's product infrastructure hosted?
Does Arnica have a Soc 2 Type 2 report?
What is Arnica's uptime commitment?
How Does Arnica encrypt data?
How do I set up Single Sign On (SSO)?
How do I control & restrict access to the Arnica product?
What third-party vendors will have access to my data?