Rookout is highly committed to information security management and therefore regularly audited and compliant with security regulations.
Rookout has security deeply integrated into its SDLC with controls such as Software Composition Analysis, Static and Dynamic Application Security Testing, and Security Design and Implementation Reviews. In addition, our production environments use hardened base images and configurations alongside security tools such as Firewall, IDS/IPS, anti-DoS, and more.
Rookout production infrastructure is located in a cloud service provider environment. Production access is restricted to authorized Rookout personnel who undergo specific training and is enabled securely through SSO and MFA.
Rookout has deployed strict security and controls for all endpoints and personnel and conducts regular privacy and security training for all employees. In addition, Rookout regularly undergoes penetration testing and security audits by clients and third-party vendors.