Trust Center

Start your security review
View & download sensitive information
Search items
ControlK

Overview

Welcome to the Druva Information Security Portal. Here you will find details on our Information Security Program that you may need to evaluate and keep informed about Druva Information Security.

The Druva information security program is led by Yogesh Badwe, CSO. The team is responsible for the following areas:

  • Governance, Risk & Compliance
    • Attestations, Certifications & Authorizations (SOC-2, HIPAA, FedRAMP, ISO-27001)
  • Security Operations & Cloud Security
    • Incident Response, Vulnerability Management, Penetration Testing, SIEM
  • Application Security
    • Security Reviews within CI/CD Pipeline, Threat Modeling, SAST, DAST
  • Security.Assurance
    • Third Party Risk Management

The Druva security program has been formalized and staffed continuously for more than the past 5 years. Druva has held continuously SOC-2 attestation and FedRAMP authorization for more than 4 years running.

Compliance

CCPA Logo
CCPA
CSA STAR Logo
CSA STAR
FedRAMP Moderate Logo
FedRAMP Moderate
FIPS 140-2 Logo
FIPS 140-2
GDPR Logo
GDPR
HIPAA Logo
HIPAA
ISO 27001 Logo
ISO 27001
SOC 2 Logo
SOC 2
StateRAMP Logo
StateRAMP
Start your security review
View & download sensitive information

Druva, Inc. is reviewed and trusted by

NASA - National Aeronautics and Space Administration-company-logoNASA - National Aeronautics and Space Administration
Marriott International-company-logoMarriott International
Amgen-company-logoAmgen
Chipotle Mexican Grill-company-logoChipotle Mexican Grill
Forever 21-company-logoForever 21
GameStop-company-logoGameStop
Hitachi America-company-logoHitachi America
Brown-Forman-company-logoBrown-Forman
Anglo-Eastern-company-logoAnglo-Eastern
Gold Peak Investments-company-logoGold Peak Investments
Leica Microsystems-company-logoLeica Microsystems

Documents

HIPAA Report
Security Whitepaper
SOC 2 Report
ISO 27001
Information Security Policy
Network Diagram
Other Reports
SOC 2 Bridge Letter
CAIQ
Cyber Insurance COI
Business Continuity Policy
General Incident Response Policy
Software Development Lifecycle

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

HIPAA Report
Network Diagram
Other Reports
View more

Self-Assessments

CAIQ

Legal

Cyber Insurance COI
Privacy Policy
Terms of Service

Policies

Business Continuity Policy
General Incident Response Policy
Information Security Policy
View more

Security Grades

SecurityScorecard
Security Scorecard
Security Scorecard A grade
Qualys SSL Labs
Druva Cloud Platform Login
A+
inSync Endpoints
A+

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo