Overview
This page provides an overview of security programs at Compaas. For any security related questions that haven't been addressed on this page, please email us at security@compa.as.
Compliance


Risk Profile
Product Security
Reports
Data Security
App Security
Legal
Access Control
Infrastructure
Endpoint Security
Network Security
Corporate Security
Security Grades
Trust Center Updates
Compaas takes security and data privacy seriously. After careful review of our infrastructure and SBOM, Compaas Security has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.
OpenSSLV3 culnerability background
To learn more about this vulnerability: https://www.openssl.org/news/vulnerabilities-3.0.html
Compaas has recently completed our 2022 SOC 2 Type II compliance process. Updated penetration testing and SOC 2 Type II audit reports are available from the trust portal. You may download these directly from https://security.compa.as.
Compaas has updated the subprocessor list for our products and services. This list is available on our security portal. Please contact privacy@compa.as for any questions regarding this subprocessor information.
If you think you may have discovered a vulnerability, please send us a note.