Source Code Security

Your Source Code is YOURS and yours alone

Rookout never sees nor has access to your source code. It is yours and yours alone. In fact, your code never even reaches the Rookout servers.

When you integrate your source code into Rookout, it remains between your code repository and your local browser. 

The view of the source code is needed only so that you can easily click a line to set a non-breaking breakpoint in your running application, getting visibility to you as quickly as possible. 

When you set a non-breaking breakpoint, the Rookout servers only receive: 

  • File path
  • Line number
  • SHA256 (hash of the file)

Security and Privacy: Enterprise-level security standards

No organization should risk its systems by introducing components that aren’t adequately secured, which is why at Rookout, security comes first. 

Rookout is SOC 2 Type 2 compliant, maintaining the highest security standards and dedicated to the safety of your data. We maintain transparency in our protocols, which are documented and verified. We are regularly audited by an independent certified public accountant to make sure we have the best safeguards and procedures in place.

Rookout is trusted by Fortune-500 companies globally. 

You’re welcome to read more about our security and privacy policies. 

Enterprise-Level Security Standards
External Integrations with SaaS Providers

External Integrations with SaaS Providers

You may import your code from a repository of your choice: GitHub, BitBucket, and GitLab (coming soon).

Rookout meets the principle of least privilege, and to complete the integration it requires as little permissions as possible.

Your source code data remains secure as it travels directly from your code repository to your browser, without going through the Rookout web servers at any point. 

Rookout never makes any changes to your repo or its configuration in any way. We won’t commit, modify pull requests, or install Webhooks.

Rookout Desktop App

The Rookout Desktop App is an open-source, digitally-signed application which lets you access local files from your browser.

The App only listens for connections from localhost and only permits access to folders and directories of your choice.  

Upon the first installation, the App will be paired with your Rookout user to allow automatic authentication using a secure token.

If you are currently using Rookout and still have questions about Security, you’re welcome to contact us.

Rookout Desktop App
Case Study

Rookout for Backblaze

Read how Backblaze uses Rookout to quickly pinpoint issues in staging and production.

Read Now

5 Ways to Slash Debugging Time

Debugging throughout your dev lifecycle

Download Now

The 5 Approaches to Production Debugging

It's a game of mix and match.

Read More

Rookout Never Sleeps

Even if you’re being paged, just give Rookout a shout and we’ll be there for you.

We never stop your app, we always expedite your work.