May 24, 2022
min read

Announcing the ngrok security and trust portal

Arianna Willett

Today I'm excited to announce an important step in ngrok's security journey: the ngrok security and trust portal. Our portal provides information about the security of the ngrok service, our shared security model, how we handle data, the steps we take to protect it, and our ongoing commitment to transparency.

ngrok's security program

Our top priority with the trust portal is to help people quickly understand our security policies and practices. To make sure the information is crisp and easy to navigate, customers can review ngrok’s security controls under 14 key categories — ranging from legal to administrative to technical controls:

Within each category, you will find more information about ngrok’s controls, why they matter, and how we're applying them.

Streamlining security and compliance reviews

The ngrok trust portal is also built to simplify how our customers and prospects collect information about ngrok. From our trust page, security and compliance teams can request access to documents such as our SOC 2 reports and internal security policies. The ngrok trust portal automatically routes requests, processes NDAs, and releases documents upon approval, insulating security and compliance teams from navigating these steps manually with never ending email chains, shared Google drives, and ongoing checklists.

Reporting issues with ease

We've also added a Report Issue button to the ngrok trust portal to provide you with a quick way to report abuse or security issues within our service. The issues reported are routed directly to our support, engineering, abuse, and security teams for a quick turnaround.

This is just the beginning

The security and trust portal is one of the many features we implemented at ngrok to show our commitment to security and transparency, alongside our SOC 2 report, and new product features for access control and observability. We remain committed to continuously improving our privacy and security practices, with more capabilities coming soon.

We hope this is useful for developers and businesses alike. If you have questions or need to know more about us and our security program, reach out to us.

Share this post
Arianna Willett
Ari is the Senior Director of Security Risk & Trust at ngrok. Over the course of her career, She built and ran security programs for companies ranging in size from startups to the Fortune 200, including Twilio, Okta, and Deloitte. She has a passion for building and scaling security teams and promoting security best practices.