Security Overview
Security and data privacy are top priorities of ours.
Aspect Workflows is self-hosted and deployed to customer AWS or GCP cloud accounts where customers have full control over their data.
Compliance
Aspect continues to invest in security best practices and pursue security certifications that matter to our customers.
Our product platform is SOC 2 Type 2 and SOC 3 certified.
Data Privacy
Aspect does not collect any data from customer repositories. However, Aspect does collect data necessary for maintaining and supporting the Product, including operational metrics about Aspect-maintained infrastructure. Aspect also collects information necessary for accurate billing purposes, which includes but is not always limited to, aggregate information about data / workflow processing and the individuals who use it.
Security updates
Security updates address newly discovered attacks reported to Aspect Build Systems, Inc. by the security research community. Disclosures are made confidentially, under the Aspect Responsible Disclosure Policy, allowing for Aspect Build Systems, Inc. to provide security updates to the community prior to public disclosure.
For more information, please see:
Aspect Security Updates A summary of security updates made based on past and on-going security analysis.
Aspect Responsible Disclosure Policy An overview of how security issues are confidentially reported to and addressed by Aspect Build Systems, Inc.
Questions
Have a question about how Aspect handles security or data privacy? Email us at security-requests@aspect.build.