📄️ Personnel Security
Our security posture starts with our people. We have a strong security culture across the entire Virtru organization, in fact that is why many among us joined the company. We incorporate security throughout the employee lifecycle to support this culture.
📄️ Secure Development
Since we are building security products, following a strict development lifecycle is paramount to release quality software. Security checks are inserted into each phase of development from coding to testing to deploying our services.
📄️ Vulnerability Management
An unfortunate reality of the process of developing, providing, and running software is that security vulnerabilities will exist. For this reason, we have established a vulnerability management program that strives to identify vulnerabilities in our applications and infrastructure early and often.
📄️ Vulnerability Disclosure
Virtru considers trust and the protection of our customers’ data as a highest priority. Therefore, Virtru takes the security of our systems extremely seriously.
📄️ Bug Bounty Program
Virtru runs a semi-public bug bounty program through the Bugcrowd platform. Our bug bounty program is core to our external security testing strategy as it ensures that our products and platforms are being continuously tested for security vulnerabilities. The scope of our program covers our client-side software (browser extensions, mobile applications, SDKs, etc.) and SaaS network.
📄️ Data Retention Policies
As a data security and privacy company, protecting customer data is the top priority of Virtru. One of the most important ways to protect customer data is to properly purge it from our systems when no longer in use or needed to fulfill our obligations to our users. We cannot expose what we do not hold.