We respect your privacy.

We use strictly necessary cookies to keep you signed in and to protect against CSRF. With your permission we also use a small amount of first-party analytics to improve the product. We do not sell your data and we do not use third-party advertising trackers. See our cookie policy and privacy policy .

Crawlmind
← Trust Center

Penetration testing

How we test the security of the product from the outside, and how to get the results.

Our program

We engage independent, third-party security firms to perform external penetration tests of the application and its public surface. Tests cover the OWASP Top 10 categories along with authentication, authorization, and tenant-isolation checks specific to a multi-org SaaS.

Remediation

Findings are triaged by severity. High and critical issues are prioritized for prompt remediation and re-tested to confirm the fix before the engagement is closed.

Getting the summary

A redacted summary or letter of attestation from the most recent engagement is available to customers and active prospects under NDA. Email [email protected] and we will respond within two business days. We do not publish unredacted reports, since they describe specifics of our infrastructure.