Blackbird utilizes enterprise-grade best practices to protect our customers’ data.
Continuous Security Control Monitoring
Blackbird uses Drata’s automation platform to continuously monitor 100+ internal security controls across the organization against the highest possible standards. Automated alerts and evidence collection allows Blackbird to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.
Hosting Environment and Physical Security
Blackbird is hosted on public cloud infrastructure from Microsoft Azure. Azure maintains high standards of security for their data centers. You can read further about Azure's security here.
Blackbird supports hosting in various cloud regions, at the customer’s option.
Employee Trainings
Security is a company-wide endeavour. All employees and contractors at Blackbird complete an annual security training program and employ best practices when handling customer data.
Penetration Tests
Blackbird works with ISSP -Information Systems Security Partners, an industry leading firm to perform recurring network and application layer penetration tests.
Secure Software Development
Blackbird utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.
Data Encryption
Data is encrypted both in-transit using TLS and at rest.
PCI and Payment Details
Blackbird uses PCI Compliant Level 1 audited payment processor Stripe for processing credit card payments for our services.
SOC2 Ready ✅
Blackbird works with SSF - Sensiba San Filippo, an industry leading firm for System and Organization Control Reporting (SOC).
Vulnerability Disclosure Program
If you believe you’ve discovered a bug in Blackbird’s security, please get in touch at [email protected]. Our security team promptly investigates all reported issues.
