Secure Data Platform

Security

We designed privacy, security, and access control into every aspect of our product and software, down to the infrastructure that powers it all. The entire Software.com team, from engineering to operations, works hard to earn your trust.

Documentation

Our Git integrations only collect metadata about your organization’s activity. We never read, transmit, or store source code.
Browse the docs

Security Policy

We ensure that we never collect more data than we need, protect all personal information, and secure everything that could be considered sensitive.
Read our policy
SOC 2

Trust Center

We are fully SOC 2 Type 2 compliant. We partner with Drata, a continuous compliance platform, to monitor our security posture on an ongoing basis.
See our compliance report
Software.com SOC 2
Trusted by over 700K developers and 10K companies across the globe
Privacy and Security

Your data is protected at every step

Our mission is to uphold the integrity of your data through state of the art security and industry best practices. We securely store, process, and analyze your data so that you can use the Software.com platform with confidence.
See all integrations
Schedule a demo

Never reads code

We never read, transmit, or store source code. We do not edit or modify code or files.

Read-only access

We request minimum permissions and use read-only API calls to analyze GitHub metadata while keeping your data private.

Data encryption

We encrypt all data at rest in databases, backups, and storage. All data processing, transformations, and queries are done without ever being able to see sensitive data.

SOC 2 compliant

We are SOC 2 Type 2 compliant and monitor our security posture on an ongoing basis.

FAQs

We’re here to help as you get set up. Get in touch with our team if you have questions.

Contact us
What data do you collect?

Our Git integrations only collect metadata about your organization’s activity. We never read, transmit, or store source code. Some of the APIs we request permission to access include:

  • Repository contents (includes commits), pull requests, and issues
  • Organization members and projects

After the initial sync, our app subscribes to ongoing webhook events to provide you with real-time data. Some examples of the events that we subscribe to include:

  • Push
  • Pull request
  • Pull request review
  • Pull request comment
  • Release

You can learn more about the data we collect in our documentation.

Do you read code?

We never read, transmit, or store source code.

How do you handle sensitive data?

Sensitive data, such as branch names and pull request titles, are always encrypted.

What PII do you collect and why?

Software.com uses email addresses or usernames of software developers within the connected SCM tool to allow users of Software.com to identify developers within groups or teams. This data is always transmitted over encrypted channels and encrypted when stored.

Who should I contact if I have additional questions?

Send us an email at support@software.com if you have any additional questions.

Get started in minutes

When you sign up, you’ll get immediate access to insights from our global data platform of more than 700K developers around the world.

Connect a Git providerSchedule a demo