At Neo4j we believe that our products and services should be relied on to be secure at all times. By integrating Security, Privacy, Compliance and Reliability in everything we do, we create a stable foundation of trust in our products and services.
Found a security issue you want to share with us? Please follow the steps located in our responsible disclosure policy.
Neo4j Aura Enterprise recently completed a SOC2 Type II assessment, which asserts that our information security policies, procedures, and controls meet industry standards and further demonstrates our continuous commitment to protecting our customers. Achieving SOC2 Type II compliance further highlights our on-going commitment to improving our security and compliance posture in an effort to reduce security risks. Read more in the blogpost here.
Using strong security controls, we ensure that data is only available to the right persons at the right time. We encrypt data-in-flight and data-at-rest by default, and apply the principle of least privilege in everything we do. Vulnerabilities are acted on with priority.
Neo4j leverages world leading Cloud service providers Amazon Web Services and Google Cloud Platform to deliver industry leading graph capabilities.
Neo4j security program is built using industry standard frameworks, and is continuously validated against industry best practices through compliance certifications. The Neo4j Information Security Management System is built and certified against the ISO27001 standard.
Privacy is more than just authentication, authorization, and confidentiality. Neo4j is committed to letting customers decide how their data is accessed and used within our products and services. Learn more about Neo4j’s Privacy Policy and our CCPA Privacy Policy.
Neo4j strives to conduct business in an ethical and lawful manner. If you have concerns about the actions of Neo4j or its employees, please submit them here: ethicalmailbox@neo4j.com