Octopus Deploy Trust Center

Thousands of DevOps teams trust Octopus to automate their deployments and operational tasks.

The security and privacy of our customers' personal, company, and intellectual property data, are top priorities at Octopus. We're dedicated to maintaining and continuously improving our security and compliance programs.

Compliance and regulations

We perform regular third-party audits and technical assessments of our data security to ensure privacy and safety.

Our security credentials include:

  • ISO 27001:2013
  • GDPR
  • CCPA

ISO certification mark

GDPR logo

Email our security team if you have questions or specific security needs.

Enterprise compliant

Octopus undergoes ISO 27001 certification every year, performed by a third-party auditor.

Download our ISO 27001 certificate.

Proactive platform security

We perform ongoing security testing, including:

  • Vulnerability scanning
  • Penetration testing
  • External testing via our Bugcrowd bug bounty program

Every year Octopus undergoes a security review conducted by a third-party company. Download our cloud portal assessment and annual security assessment to find out more.

We also tell you about problems as soon as we know about them, with real-time status updates.

Security operations

Our Security, Trust, and Operations teams build security into all our processes.

Our secure, industry-standard development practices help prevent security threats.

Product Security

Secure by design

Data encryption

We already encrypt data we believe is sensitive, but you can encrypt any variables you want to protect.

Secure communications

Octopus communicates with deployment targets using transport encryption and tamper-proofing techniques.

Simpler auditing

Create a culture of team trust and accountability. Every action is traceable in Octopus's extensive audit logs.

Access control

Set controls for different teams in your organization with single sign-on (SSO) and role-based access control (RBAC).

Audit log streaming in Octopus Deploy

Security admin controls

Verify team members and control who can do what in Octopus.

The tools include:

  • Identity and access control
  • HTTP security controls
  • Single sign-on (SSO)
  • IT service management (ITSM) integrations for enterprise customers

Learn more about product security

Integrations

Authentication providers

Alongside built-in account management and Octopus ID, we support major authentication providers out-of-box.

  • Username and password
  • Active Directory authentication
  • Azure Active Directory authentication
  • GoogleApps authentication
  • LDAP authentication
  • Okta authentication
  • Guest login

Learn more about authentication providers

EULAs & legal

Legal documents and policies

Customer agreement

Our customer agreement, signed by over 20,000 companies, governs the use of Octopus Deploy.

We don't negotiate on our customer agreement. It allows us to standardize and keep our costs down.

Privacy policy

We strongly believe in privacy. Octopus complies with the European Union's General Data Protection Regulation (GDPR).

Read our privacy policy to understand what data we collect and how we use it.

Octopus Cloud acceptable use policy

We want you to have the best possible experience with Octopus Cloud, but without affecting--or getting affected by--others.

Our acceptable use policy outlines how you should use Octopus Cloud and how you shouldn't.

Other legal documents

  • Our vendor profile has most of the information you need
  • We provide a W8-BEN-E form as an Australian company (rather than a W9)
  • D-U-N-S® number: 747191893
  • Employer Identification Number (EIN): 98-1163259
  • Australian Business Number (ABN): 69 160 339 186
  • North American Industry Classification System (NAICS) number: 511210 (Software Publishers)
  • Export Control Classification Number (ECCN): EAR99 (no CCATS number)
  • We're a resident of Australia for income tax purposes. See our 2021 certificate and 2022 certificate.
  • Silicon Valley Bank account verification letter.

For more information

Email our security team if you still have questions about our security credentials or the security of our product.