Cyera Trust Center

Lasting partnerships are built on trust

Cyera ensures our customer data is rigorously protected inline with security, compliance, and privacy frameworks

Information Security Program

We maintain an internal Information Security Program (ISP) that addresses both our products and our general business practices. The ISP ensures a secure environment for our employees, customers, systems, and the data we manage. Our ISP is designed to implement appropriate technical and organizational security measures covering our product environments and related company systems, and covers key areas including access controls, employee training, physical security, network and cloud security, encryption, credential and key management, and software development life cycle policies and practices including security by design. Additional information is available at

SOC 2 Compliance

As part of our commitment to safeguard customer data and maintain excellence in security controls and operations, Cyera submits our platform for an annual SOC 2 Type 2 audit to ensure the appropriate safeguards are applied to customer data and evaluate how well those controls are operating. Cyera’s SOC2 Type 2 report is available upon request and under a non-disclosure agreement. The SOC 2 is a report based on the Auditing Standards Board of the American Institute of Certified Public Accountants' (AICPA) existing Trust Services Criteria (TSC).

ISO 27001 Certification

The Standards Institution of Israel certifies that Cyera operates an Information Security Management System (ISMS) that conforms to the requirements of ISO/IEC 27001:2013.

Certificate Issuance Date: Sep 22, 2022

Expiration Date: Sep 22, 2025

Platform Architecture

As a cloud native platform, Cyera delivers highly scalable and highly available services, with security built in as a first principle. The service is designed to limit the information processed outside of a customer’s cloud environment. Customer data never crosses regions; all data analysis occurs in the same region where the data was originally discovered. Cyera connects to customer environments using cloud-native APIs, which means that no agents are deployed.

Data is encrypted across the Cyera platform at all times, both at rest and in transit. All communication is encrypted using TLS 1.2 or higher. All data managed by the platform is encrypted at the database or volume level using AES-256 encryption.

Cyera’s architecture, engineering, product, and operations teams are experienced cyber security experts from both the public and defense sectors. Each team follows strict, secure software development lifecycle (SSDLC) procedures and best practices. All platform code is peer reviewed and passes SAST and SCA scans; SAST scans the application code to discover faulty code posing a security threat, while SCA scans ensure application code is free of vulnerabilities and license violations in open-source dependencies.

Additionally, we conduct annual 3rd party penetration test exercises on our infrastructure and applications, or when major architectural changes are made to the platform. Any high criticality findings are triaged and fixed immediately.

A full platform security architecture document, that includes the information from this trust center, along with backend security, access control mechanisms and more, is available upon request

Infrastructure Subprocessors

We engage the following infrastructure subprocessors to help provide our products to our customers.

Sub-processor Storage Location Purpose
Amazon Web Services, Inc. USA Hosted Services Provider
Google Cloud Platform USA Hosted Services Provider
Microsoft Azure USA Hosted Services Provider
Snowflake USA Data analytics warehouse
Frontegg USA User authentications
Coralogix USA Internal application Log collection. No user information collected
Workato USA Integrations hub

* Classification of customers data is performed in a cloud service environment at the customer’s country

Request Additional

By submitting the form, you are agreeing to our privacy policy

Thank you!

Your submission has been received!
Oops! Something went wrong while submitting the form.