We use cookies to give you the best experience on our website. If you continue to browse, then you agree to our privacy policy and cookie policy. Image for the cookie policy date
Syncfusion Feedback

Security information
line

SOC 2 Compliance SOC 2® Compliance

We have received our SOC 2® Type 2 certification and continue to renew and monitor via Tugboat Logic/OneTrust along with yearly audits. Click here to learn more about the certification.

Privacy & GDPR Privacy & GDPR

Syncfusion recognizes that protecting privacy requires a comprehensive security program. Syncfusion strives to be GDPR-compliant, and we handle our customers’ personal data with great care and respect, as outlined in our privacy policy and Terms of use. We monitor on a continuous basis.

Datacenter Security Datacenter Security

Syncfusion infrastructure is hosted on Microsoft Azure. Microsoft is deeply committed to securing the underlying infrastructure we build on and continuously expanding their compliance programs.

Payment Security Payment Security

Syncfusion uses a PCI-compliant payment processor for encrypting and processing credit card payments. We have partnered with PayPal and Stripe to securely handle sensitive payment processing data. Syncfusion does not have access to customers’ credit card data at all.

Penetration Testing Penetration Testing

Syncfusion undergoes regular penetration testing by our in-house security experts and development team. A yearly detailed penetration test is performed by third-party security experts to confirm the security of our products and environment.

Secure By Design Secure by Design

Every change and new feature is governed by a change management policy. Code is screened with standard code analyzer tools, and a manual review process.

Backup Backup

Data is continuously backed up in secured way to ensure that we can restore access to your data and the service in the unlikely event. Our monitoring system alerts us to any problems, and we have staff on-call at all times to handle any unexpected incidents.

Monitoring and Alerting Monitoring and Alerting

Our application and the underlying infrastructure components are actively monitored 24/7. Our engineers are immediately notified in case of an outage.

Vulnerability Scans Vulnerability Scans

Syncfusion uses security tools to continuously scan for vulnerabilities. Additionally, vulnerabilities in third-party libraries and tools are monitored and software is patched or updated promptly when new issues are reported. We use HostedScan to scan our websites for vulnerabilities regularly. It includes the OWASP ZAP, OpenVAS, and Nmap tools. It actively tests web applications for SQL injection, remote command execution, XSS, and other vulnerabilities. Passive testing involves checking web applications for cross-domain misconfigurations, insecure cookies, vulnerable JS dependencies, and other vulnerabilities.

We also use Vega and Burp Suite Community Edition for testing our applications.

Uptime Uptime

Syncfusion has a 99.9% uptime or higher. If our systems require maintenance or a brief outage, clients will be notified in advance.

To learn more about our security practices, refer to our Security Management Report.