🥇 XYPN Best in Show Winner! Read more ›
CurrentClientCurrentClient
Ask sales (843) 548-8510
Skip to content
SOC 2 Compliant

Your data is safe with us.

Compliant with SOC 2 Type 2 standards. Encrypted at rest and in transit. Hosted on AWS. Continuously monitored.

Request SOC 2 ReportRegulation S-P

Built secure from day one

Encrypted everywhere

Data encrypted at rest (AES-256) and in transit (TLS 1.3). No exceptions.

Least privilege access

Enforce MFA. Permissions scoped to need. Privileged accounts restricted with org-wide controls.

Continuously monitored

Drata monitors 100+ security controls. Annual employee security training. Independent SOC 2 audits.

Infrastructure hosted on AWS

AWS data centers comply with

SOC 2 · PCI DSS Level 1 · ISO 27001 · NIST 800-53 · SEC Rule 17a-4(f)

Security vulnerability disclosure

If you believe you have found a security vulnerability in our systems, we want to hear from you. We take the security of our platform and our customers’ data seriously.

How to report

Please email security@currentclient.com with a description of the issue, the steps to reproduce it, and any relevant details (affected URL, component, or behavior). If possible, include enough information for us to reproduce and validate the finding.

Report a vulnerability

Our commitment

We will acknowledge receipt of your report, investigate promptly, and keep you informed of our progress as appropriate. We ask that you give us a reasonable opportunity to investigate and remediate before any public disclosure.

Guidelines

Please:

  • Make a good-faith effort to avoid privacy violations, data destruction, and service disruption.
  • Do not access, modify, or delete data that does not belong to you.
  • Do not run automated scanning that degrades service availability.
  • Only test against your own account or accounts you are authorized to use.

We do not currently operate a paid bug bounty program, but we appreciate and acknowledge responsible disclosure.

Safe harbor

This policy authorizes good-faith security research conducted consistent with these guidelines. We will not pursue legal action against researchers who act in accordance with this policy.

Security questions?

Our team is happy to walk you through our security practices and compliance standards.

Watch DemoBook a demo