top title background image

Security and Privacy

Customer data protection, data control, cloud security, compliance and privacy

Security and data privacy

Joe Security takes security and data privacy very seriously. Apart from Cloud Basic, our community service, Joe Security does not share or use any of your data.

ISO 27001 Joe Security is fully ISO 27001 certified Europe All Data Centers are ISO 27001 certified and located in Europe Private No sharing of analysis reports, samples, IOCs or other artifacts with third parties

Customer security controls

Tenant separation, encryption in transit and at rest, configurable retention, secure deletion, redundant infrastructure, SSO, 2FA, security logs, vulnerability scanning and annual penetration testing.

Customer Data Protection

  • Logical or physical Tenant Separation
  • Encryption In-Transit (TLS 1.2, SSL Labs Grad A)
  • Encryption At Rest (AES-128 or AES-256)

Customer Data Control

  • Configurable Data Retention (1 - 30 days max)
  • Secure deletion at any time (manual or via API)
  • Encryption of Analyses with Customer-provided passwords

Cloud Security

  • Redundant Infrastructure (Joe Sandbox Cloud Pro)
  • DDOS Protection & WAF
  • SSO, 2FA and security log
  • Vulnerability Scanning

Application Security

  • Annual Penetration Testing
  • Vulnerability Scanning

Compliance, privacy and sustainability

ISO 27001 certification, European ISO 27001 certified data centers, GDPR compliance, no third-party sharing of analysis data and sustainability commitments.

Compliance

  • Joe Security is fully ISO 27001 certified
  • All Data Centers are ISO 27001 certified and located in Europe
  • GDPR compliant (DPA available)

Data Privacy

  • No sharing of analysis reports with third parties
  • No sharing of samples, IOCs or other artifacts with third parties
  • No use of IOCs for threat intelligence or feeds

Sustainability

  • Carbon-neutral datacenters
  • Solar energy powered offices
  • Local carbon offsetting projects