Supplier Shield logo vendor risk management solution


Documentation of our compliance against global standards including certifications, attestations, audit reports, security and policies
ISO 27001 Certificate
Data Protection
ISO 27001 Certificate
Data Protection


Supplier Shield Web Application Penetration Testing
AWS Architecture
Vulnerability Management


Business Continuity
Incident Management Procedure
Information Security Charter

Continuous Monitoring

App Security
Annual Penetration Test
Code Review Process
Employee Disclosure Process
Quarterly Vulnerability Scan
Responsible Disclosure (Bug Bounty)
Software Development Lifecycle
Vulnerability Management
Web Application Firewall
Data Security
Daily Database Backups
Data is Encrypted at Rest
Security Policies
SSL/TLS Enforced
System Access Control Policy
Infrastructure Security
Cloud Data Storage Restricted
Encryption of Web-Based Admin Access
Multiple Availability Zones
Password Policy
Security Patches Automatically Applied
Network Security
Denial of Public SSH
Malware Detection Software Installed
Organization Security
Acceptable Use Policy
Code of Conduct
Disaster Recovery Plan
Incident Response Plan
Incident Response Team
Security Training
Product Security
Databases Monitored and Alarmed
Hard-Disk Encryption
MFA on Accounts
Terms of Service


Supplier Shield's list of subprocessors that handle personally identifiable data.
Microsoft Azure
Cloud computing services including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) offerings.
Data location: US
Stripe provides billing, subscription, and invoicing services.
Data location: US
Multichannel marketing automation software with features designed to ease the marketing process and generate sales-ready leads
Data location: Switzerland
Email marketing and transactional email services
Data location: US
Amazon Web Services
Cloud infrastructure and security
Data location: Switzerland & US