SOC 2 Type II Certified
Security and privacy at Mendable
We take security and privacy very seriously at Mendable. Take a look at our security features below.
Encryption in transit
Mendable uses TLS 1.2 or higher everywhere data is transmitted over potentially insecure networks..
Penetration Testing
Mendables engages with one of the best penetration testing firms in the industry, Oneleet, at least once a year. Email us to request a full report.
Vulnerability Scanning
Mendable uses automated vulnerability scanning tools to identify potential vulnerabilities in our applications and infrastructure.
Endpoint protection
All corporate devices are centrally managed and are equipped with device management software and anti-malware protection. Endpoint security alerts are monitored with 24/7/365 coverage.
Security education
Mendable provides comprehensive security training to all employees upon onboarding and annually through educational modules through Vanta’s platform.
SSO
Mendable provides SSO features for enterprises to manage their users and access to Mendable.
What security frameworks is Mendable compliant with?
Mendable is SOC 2 Type II compliant. Additionally, we will soon be making strides to become complaint in ISO 27K:2022 and GDPR.
Where does my data go when it is ingested to Mendable?
When you ingest your data into the Mendable ecosystem, it is stored on our database provider. However, your data is not used to train the underlying OpenAI models. OpenAI may hold onto conversation data for up to 30 days for content moderations purposes, however it will be subsequently deleted.