Start your security review
View & download sensitive information
Search items
Overview
Welcome to the Druva Information Security Portal. Here you will find details on our Information Security Program that you may need to evaluate and keep informed about Druva Information Security.
The Druva information security program is led by Yogesh Badwe, CSO. The team is responsible for the following areas:
- Governance, Risk & Compliance
- Attestations, Certifications & Authorizations (SOC-2, HIPAA, FedRAMP, ISO-27001)
- Security Operations & Cloud Security
- Incident Response, Vulnerability Management, Penetration Testing, SIEM
- Application Security
- Security Reviews within CI/CD Pipeline, Threat Modeling, SAST, DAST
- Security.Assurance
- Third Party Risk Management
The Druva security program has been formalized and staffed continuously for more than the past 5 years. Druva has held continuously SOC-2 attestation and FedRAMP authorization for more than 4 years running.
Compliance
CCPA
CSA STAR
FedRAMP Moderate
FIPS 140-2
GDPR
HIPAA
ISO 27001
SOC 2
StateRAMP
Start your security review
View & download sensitive information
Documents
HIPAA Report
Security Whitepaper
SOC 2 Report
ISO 27001
Information Security Policy
Network Diagram
Other Reports
SOC 2 Bridge Letter
CAIQ
Cyber Insurance COI
Business Continuity Policy
General Incident Response Policy
Software Development Lifecycle
Product Security
Audit Logging
Data Security
Integrations
View more
Reports
HIPAA Report
Network Diagram
Other Reports
View more
Self-Assessments
CAIQ
Legal
Policies
Business Continuity Policy
General Incident Response Policy
Information Security Policy
View more
Security Grades
SecurityScorecard
Security Scorecard
Qualys SSL Labs
Druva Cloud Platform Login
A+
inSync Endpoints
A+
If you think you may have discovered a vulnerability, please send us a note.