We are committed to providing a secure platform for our customers.
In addition to internal testing and audits, we partner with third-party security experts for dynamic application scanning, penetration testing, and static code analysis.
Our servers are hosted in in PCI DSS and ISO 27001 certified facilities. Data is separated by customer and backed up frequently.
We support Responsible Disclosure of vulnerabilities. If you believe you have discovered a vulnerability in the Ombud platform, please contact our security team at security (at) ombud (dot) com with any supporting information. Our public key is available.