SolarWinds Trust Center
Secure by Design – and secure by default
SolarWinds follows a defined software development methodology designed to increase the resiliency and security of our products. This process follows U.S. federal guidelines for secure software development as described in the National Institute of Standards & Technology Secure Software Development Framework (SSDF). Additionally, we follow guidelines described in the Enduring Security Framework (ESF) and the Executive Order on Improving the Nation’s Cybersecurity (EO 14028).
- We have formed a cross-functional team of experts to review these guidelines and adjust our processes as required
- We conducted a thorough gap analysis of our development process against the controls recommended in the SSDF
- We identified which controls we met or did not meet
- We then adjusted our processes to meet the unmet controls, or developed alternate secure processes
- A detailed description of this process and our findings can be found here
We strive to implement and maintain appropriate administrative, physical, and technical safeguards, security processes, procedures, and standards designed to protect the confidentiality and security of our customer data.
Vendor Data Protection Requirements
Third-party vendors are used to provide SolarWinds with various goods and services to help facilitate its business. Before entering any third-party relationships, we take deliberate steps to assess the risk related to the vendor relationship. We take care to understand the compliance, reputational, strategic, operational, and transactional risks relating to a particular vendor before entering into a contractual relationship.
Your privacy matters to us
Our privacy notice
We are committed to protecting the privacy of visitors to the SolarWinds website(s), individuals who register to use the products and services, individuals who register to attend our corporate or other events, and business partners.
We hold ourselves to high standards of excellence
ISO/IEC 27001 is a specification for an information security management system (ISMS), which is a framework for an organization's information risk management processes.
This certification covers all our products, major locations supporting the development, maintenance, operations, support, and services in the following locations:
- Austin, Texas
- Charlotte, North Carolina
- Reston, Virginia
- Brno, Czech Republic
- Cork, Ireland
- Krakow, Poland
- Taguig City, Philippines
- Netanya, Israel,
- Bengaluru, India
To verify certification status please click on the following link:
System and Organization Controls (SOC 2) is a regularly refreshed report that focuses on non-financial reporting controls as they relate to security, availability, and confidentiality of a cloud service.
We currently offer SOC2/Type 2 reports for:
- SolarWinds® AppOptics™
- SolarWinds Pingdom®
- SolarWinds Loggly®
- SolarWinds Database Performance Monitor
- SolarWinds Service Desk
We currently offer SOC2/Type 1 report for:
- SolarWinds Observability
To request a specific certification for an audit, please click here and complete the form.
General Data Protection Regulation (GDPR) and other privacy regulations
We have made information security and data privacy foundational principles of everything we do, and we recognize the importance of passing regulations to advance information security and data privacy for citizens of the EU and elsewhere in the world. By designing products with privacy and security in mind, we are able to provide you with products that help you meet various aspects of these compliance regimes and to support you in creating a more secure environment.
The Sarbanes-Oxley Act (commonly referred to as SOX) establishes a stricter protocol for internal controls that affect financial reporting and security within publicly traded companies. As SolarWinds is a publicly created company, it needs to comply with these regulations.
SolarWinds Federal Product Certifications
The Federal government is an important customer to SolarWinds, and we’re committed to meeting your product certification needs. You can learn more here:
All the legalese
SolarWinds Legal Documents
Tim Brown serves as Vice President of Security for SolarWinds, overseeing internal IT security, product security, and security strategy. Tim has over 20 years of experience developing and implementing security technology. As a former Dell Fellow and CTO, Tim deeply understands the challenges and aspirations of technology and security professionals. Tim also holds 18 issued patents on security-related topics.
Jason W. Bliss has served as our Executive Vice President, Chief Administrative Officer, General Counsel, and Secretary since April 2021 and has served in various roles at SolarWinds since 2008. Prior to joining the company, Mr. Bliss was an associate at DLA Piper LLP (US), specializing in mergers and acquisitions, capital market transactions, and technology licensing. Prior to DLA Piper, Mr. Bliss was a technology consultant with Accenture.
Chip heads Government Affairs at SolarWinds, assessing legislative and regulatory environments as well as liaising with policy and federal administration leaders and agencies. A retired U.S. Army officer, he served as the Chief of Staff of all U.S. forces in Afghanistan. Chip ran the U.S. Army team in the Pentagon which liaised with the U.S. Congress to craft the annual National Defense Authorization Act (the “defense bill”) in 2020.