Rookout is the #1 debugging platform for Fortune 500 companies and regulated industries

Get a Demo Talk to an expert

Access control

  • Utilize strict Role-Based Access Controls to grant granular authorizations for your users.
  • Seamlessly authenticate with your SSO and MFA providers to keep user accounts secure.
  • Customize available data integrations based on your needs.
  • Configure Data Redaction to prevent sensitive data from being extracted from remote environments.
  • Review and export full audit logs for all user and administrator activity.

Source code

  • Rookout securely loads the source into the browser from your Git provider or local machine.
  • Your source code is never processed or stored in the Rookout cloud.

Data governance

  • Maintain complete control over your data by using Rookout hybrid architecture.
  • Easily Deploy multiple Rookout data store to meet privacy and security regulations.
  • Enjoy the superb simplicity, quality and support that comes with SaaS products.

Compliance and privacy

  • Rookout is regularly audited for SOC 2 Type 2 and ISO 27001 compliance.
  • Rookout is compliant with GDPR, CCPA, and HIPAA.
  • Rookout is constantly adding new compliance standards

Product security

Rookout has security deeply integrated into its SDLC with controls such as Software Composition Analysis, Static and Dynamic Application Security Testing, and Security Design and Implementation Reviews. In addition, our production environments use hardened base images and configurations alongside security tools such as Firewall, IDS/IPS, anti-DoS, and more.

Physical security

Rookout production infrastructure is located in a cloud service provider environment. Production access is restricted to authorized Rookout personnel who undergo specific training and is enabled securely through SSO and MFA.

Corporate security

Rookout has deployed strict security and controls for all endpoints and personnel and conducts regular privacy and security training for all employees. In addition, Rookout regularly undergoes penetration testing and security audits by clients and third-party vendors.