Sourcegraph has launched its own Security Trust Portal via Safebase, which is our 'One Stop Shop' to all of Sourcegraph's latest information on the security, reliability, privacy, and compliance of our product. Our Security Trust Portal allows us to proactively gather and send our crucial security information to customers and prospects. Once created, we can control who has access to it for how long and place sensitive material behind a built-in NDA workflow.

How to share Evidence of Attestations

Please share the link below to our Security Trust Portal with our customer or prospect and they will be able to sign-up and request full access to attestations (SOC 2 reports, pen-test results) as well as see the latest public information on our information security and compliance practises and posture.

Security Trust Portal

Once access has been requested by the client/prospect on the portal, a notification will be sent to our #safebase slack channel where CE will approve the request (including initiation of a NDA workflow if there is no pre-existing NDA in place) and grant permissions to the requester to view and download all private information, including all attestations and reports.

What should I use our Security Trust Portal for

https://storage.googleapis.com/sourcegraph-assets/KnowledgeBase-Safebase-Security-Trust-Portal.png

My access to the Security Trust Portal

Everyone at Sourcegraph has access to our Security Trust Portal and can log in through Okta to view and access all the documents and information on the Portal as well as search the Knowledge Base (Q&A catalog).

You will find a Safebase tile in your Okta just like in the image below.

https://storage.googleapis.com/sourcegraph-assets/Safebase-Okta-Tile.png

Who is responsible for what

Please see below which team will be responsible for the different elements of up-keep and servicing of the Security Trust Portal:

SDR:

CE: