Overview
LaunchDarkly undergoes an annual SOC 2 Type II audit to validate that its security controls, such as policies, access controls, change management, data backup and recovery, and monitoring, are designed appropriately and operating effectively over time.
In addition to SOC 2, LaunchDarkly is certified under ISO 27001, an international standard that specifies requirements for an information security management system (ISMS). The LaunchDarkly security program also includes ISO 27701, a privacy extension to ISO 27001, and FedRAMP Moderate authorization for eligible customers using the LaunchDarkly federal environment.
LaunchDarkly also engages third parties to conduct regular penetration testing to evaluate the security of its platform.
These certifications and assessments provide assurance that LaunchDarkly maintains strong security practices and safeguards customer data.
Solution
Follow these steps to access LaunchDarkly customer assurance documents, including SOC 2, ISO 27001, ISO 27701, and penetration testing reports:
- Visit the LaunchDarkly Trust Center (Vanta)
- Click Request access.
- Follow the prompts to request access to the LaunchDarkly security, privacy, and customer assurance documents.
Access to certain documents requires acceptance of an automated non-disclosure agreement (NDA) as part of the Trust Center workflow. Once the NDA is completed (if required), access is granted automatically.