Security and Compliance
Our security and compliance controls overview is available on our website's Security page.
For enterprise customers, our sales team can provide the following resources to expedite security review:
SOC 2 Type 2 report covering security, availability, and confidentiality from A-LIGN
Independent Penetration Test report from A-LIGN
Company policies and controls
PixieBrix uses Drata to continuously monitor our compliance posture.
Frequently Asked Questions
What security certifications do you have?
PixieBrix has completed a SOC-2 Type 2 with A-LIGN covering the following trust criteria:
Security
Availability
Confidentiality
You can find an overview of our controls on our website's Security page.
Has PixieBrix been independently audited?
Annual Penetration Test: our latest independent penetration test report by A-LIGN is available upon request
PixieBrix completed the Google Cloud Application Security Assessment (CASA)
The Google Chrome Web Store team reviews the extension prior to publishing in the Chrome Web Store
Our browser extension is source-available on GitHub
Where is your Data Stored?
PixieBrix servers are managed by Salesforce Heroku and Amazon Web Services in the United States.
PixieBrix does not transmit/store browsing data unless you build mods that transmit that data to us (e.g., for Storing Data with Team Databases)
Last updated