Cerebrium is GDPR and SOC 2 Type I compliant, which means we enforce certain security standards and protocols. Our compliance is continually monitored through Vanta. Please reach out to security@cerebrium.ai if you would like more information regarding our security compliance and implementations.

Infrastructure Security

  • Cerebrium frequently performs vulnerability scans, and identified vulnerabilities are remediated based on the time frame set out in our incident response plan.
  • Cerebrium conducts annual business continuity and security incident exercises. This is a requirement to remain SOC 2 compliant.
  • Cerebrium has daily database backups enabled.
  • Employee computers are frequently monitored via the Vanta agent.
  • Multi-factor authentication (MFA) is enforced across all platforms relating to Cerebrium.
  • Cerebrium uses logging and metrics observability providers, including Datadog and BugSnag.

Organizational Security

  • Cerebrium employees are subject to general security awareness training during their onboarding period.
  • Cerebrium regularly audits employee access to internal systems.
  • Employee computers are frequently monitored via the Vanta agent.
  • Multi-factor authentication (MFA) is enforced across all platforms relating to Cerebrium.

Product Security

  • Cerebrium frequently performs vulnerability scans, and identified vulnerabilities are remediated based on the time frame set out in our incident response plan.
  • Cerebrium conducts annual business continuity and security incident exercises. This is a requirement to remain SOC 2 compliant.
  • Cerebrium enforces HTTPS for all services using TLS (SSL), including our Cerebrium Dashboard and our Cerebrium Python package.
  • Cerebrium maintains access logs across all its infrastructure services.
  • Software dependencies are audited by GitHub’s Dependabot.
  • User data is encrypted at rest.

Internal Security Procedures

  • Cerebrium frequently performs vulnerability scans, and identified vulnerabilities are remediated based on the time frame set out in our incident response plan.
  • Cerebrium regularly audits employee access to internal systems.
  • Cerebrium conducts annual business continuity and security incident exercises. This is a requirement to remain SOC 2 compliant.

Data and Privacy

  • Cerebrium deletes customer data upon request.
  • User data is encrypted at rest.