Skip to content

Trust and Compliance

We are committed to safeguarding the information in our custody and under our control. Our Operational Risk program is dynamic and proactive allowing us to stay abreast of the latest changes and enhancements to the ever-evolving global compliance landscape. We have implemented practical and sound administrative, technical, and physical safeguards to protect against unauthorized access, use, modification and disclosure of this information. This is a responsibility that we take seriously, and we have strong internal controls around change management and employee accountability.




SOC2 Type II

Contrast has been audited against the AICPA SOC standards since November 2016. Contrast is audited for controls related to: Availability, Confidentiality, Privacy and Security, and the audit also maps to HITRUST controls.

To request our latest SOC2 Type II report, please email or reach out to your account management team. 

Our SOC3 report is coming soon! Stay tuned!

Contrast is committed to achieving FedRAMP “in process” designation by YE 2023. FedRAMP designation, coupled with Contrast’s products and other significant controls such as SOC2 Type II, will further demonstrate our best-in-class security product, standards and compliance in support of our customers and will further the goal of a software-secure world. Contrast has partnered with an industry leader in compliance automation to accelerate the process.

Security Practices

Keeping your data secure is critical to us at Contrast. We follow industry best practices in application, network, and product security to ensure that your data is safe. We envision a world where we can trust software with the most important activities of humanity. We love software, and it hurts us to see it misused to cause harm to others. As a security company, we not only protect our business, but yours as well.  Contrast is committed to the highest standards of application and network security for our hosted products. At the core of our approach to security is a commitment to transparency – across our protections, processes, and even potential issues.

Privacy Policy

Contrast is primarily responsible for the management of any PI that you voluntarily provide us and that is used with our affiliates or third parties. We do not provide your information to third parties for marketing purposes without your prior consent. We never sell your data.


Privacy Policy





Want to report a security concern?

Please see our Vulnerability Disclosure Policy or email us at