The security and privacy of our customers' personal, company, and intellectual property data, are top priorities at Octopus. We're dedicated to maintaining and continuously improving our security and compliance programs.
We undergo regular third-party audits and technical assessments of our data security to ensure privacy and safety. Our security credentials include:
We also provide a CSA Consensus Assessment Initiative Questionnaire (CAIQ) lite, which is a convenient, standards-based, mechanism for aligning different compliance frameworks with our own.
Email our compliance team for more information about our commitment to the above standards.
Proactive platform security
We perform ongoing security testing, including:
- Vulnerability scanning
- Penetration testing
- External testing via our Bugcrowd bug bounty program
Every year Octopus undergoes a security review conducted by a third-party company. Download our annual security assessment to find out more.
We also tell you about problems as soon as we know about them, with real-time status updates.
See our trust report for a comprehensive, real-time look at our security controls, policies, and compliance reports.
Our Security, Trust, and Operations teams build security into all our processes.
Our secure, industry-standard development practices help prevent security threats.
Alongside built-in account management and Octopus ID, we support major authentication providers out-of-box.
- Username and password
- Active Directory authentication
- Azure Active Directory authentication
- GoogleApps authentication
- LDAP authentication
- Okta authentication
- Guest login
Our customer agreement, signed by over 20,000 companies, governs the use of Octopus Deploy. Please note that we have separate product terms regarding Octopus Server, Octopus Cloud, priority support terms, and TAM services terms.
We don't negotiate on our customer agreement. It allows us to standardize and keep our costs down.
We strongly believe in privacy. Octopus complies with the European Union's General Data Protection Regulation (GDPR).
Octopus Cloud acceptable use policy
We want you to have the best possible experience with Octopus Cloud, but without affecting--or getting affected by--others.
Our acceptable use policy outlines how you should use Octopus Cloud and how you shouldn't.
Other legal documents
- Our vendor profile has most of the information you need
- We provide a W8-BEN-E form as an Australian company (rather than a W9)
- D-U-N-S® number: 747191893
- Employer Identification Number (EIN): 98-1163259
- Australian Business Number (ABN): 69 160 339 186
- North American Industry Classification System (NAICS) number: 511210 (Software Publishers)
- Export Control Classification Number (ECCN): EAR99 (no CCATS number)
- We're a resident of Australia for income tax purposes. See our 2022 certificate and 2023 certificate.
- Airwallex Bank account verification letter.
For more information
Email us for more information about our security credentials and the security features of our product.