app.safebase.io
2606:4700::6812:1e06  Public Scan

URL: https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=default&orgId=71ccd717-aa2d-4a1e-942...
Submission: On March 08 via api from US — Scanned from DE

Form analysis 1 forms found in the DOM

<form action="" novalidate="" role="search" class="sc-b2b6aa21-1 XTnXB"><input theme="[object Object]" aria-autocomplete="both" aria-labelledby="sp-search-autocomplete-label" autocomplete="off" autocorrect="off" autocapitalize="none"
    enterkeyhint="search" spellcheck="false" placeholder="Find Item..." maxlength="512" type="search" id="sp-search-autocomplete-input" class="sc-b2b6aa21-2 jhJNeT sp-SearchBox shadow-sm sp-SearchBox shadow-sm hide-clear form-control"
    value=""><button type="submit" class="sc-b2b6aa21-3 fWQQFI mx-1"><svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="magnifying-glass" class="svg-inline--fa fa-magnifying-glass " role="img" xmlns="http://www.w3.org/2000/svg"
      viewBox="0 0 512 512">
      <path fill="currentColor"
        d="M416 208c0 45.9-14.9 88.3-40 122.7L502.6 457.4c12.5 12.5 12.5 32.8 0 45.3s-32.8 12.5-45.3 0L330.7 376c-34.4 25.2-76.8 40-122.7 40C93.1 416 0 322.9 0 208S93.1 0 208 0S416 93.1 416 208zM208 352a144 144 0 1 0 0-288 144 144 0 1 0 0 288z">
      </path>
    </svg></button></form>

Text Content

TRUST CENTER

Get access to this Trust Center
 * Review sensitive security details
 * Unlock documents
 * Submit security questionnaires
 * Ask for more information

Request access
Had access before? Reclaim access

OVERVIEW

Welcome to Gitpod's Trust Center. Gitpod takes a central position in the
software development lifecycle. As such, the security of our product is
paramount; not only at runtime, but also as we build and deliver Gitpod. Use
this Trust Center to learn about our security posture and request full access to
our security documentation.

COMPLIANCE


GDPR

SOC 2
USED BY SECURITY FOCUSED COMPANIES

Amazon
Google
GitLab
freeCodeCamp
Factorial
Astrato
RedwoodJS
Vizlib
Shares
DOCUMENTS

Network Diagram

Pentest Report

SOC 2 Report

Vulnerability Assessment Report

CAIQ

Cyber Insurance

Data Processing Agreement

Access Control Policy

Information Security Policy

Other Policies

Risk Management Policy







RISK PROFILE

Data Access Level: Internal
Impact Level: Moderate
Recovery Time Objective: < 24 Hours
PRODUCT SECURITY

Audit Logging
Data Security
Multi-Factor Authentication
REPORTS

Network Diagram
Pentest Report
SOC 2 Report
SELF-ASSESSMENTS

CAIQ
DATA SECURITY

Access Monitoring
Backups Enabled
Data Erasure
APP SECURITY

Code Analysis
Responsible Disclosure
Software Development Lifecycle
LEGAL

Subprocessors
Customer Audit Rights
Cyber Insurance
ACCESS CONTROL

Data Access
Logging
Password Security
INFRASTRUCTURE

Status Monitoring
Anti-DDoS
Cloud Workload Protection
ENDPOINT SECURITY

Disk Encryption
Mobile Device Management
Threat Detection
NETWORK SECURITY

DNSSEC
Firewall
IDS/IPS
CORPORATE SECURITY

Asset Management Practices
Employee Training
HR Security
POLICIES

Access Control Policy
Information Security Policy
Other Policies
SECURITY GRADES

Qualys SSL Labs
Gitpod.io

TRUST CENTER UPDATES



SECURITY NOTIFICATIONS

General

Vulnerability affecting Gitpod

Context: Gitpod has been notified of a vulnerability that may lead to a takeover of
shared workspaces (CVE-2023-0957).

Remediation: Gitpod has remediated this vulnerability by allowing websocket
connections to be made from base domains only (see #16378 and #16405).

 * If you are a user of gitpod.io, there are no action items.

 * If you are a user of Gitpod self-hosted, we recommend updating to version
   2022.11.2 through this URL:
   https://github.com/gitpod-io/gitpod/releases/tag/release-2022.11.2

Gratitude: Thank you to Elliot Ward from Snyk for disclosing these findings.

Published at 03/01/2023, 4:15 PM

Notice on OpenSSL Vulnerabilities

Background

On November 1st, 2022, the OpenSSL Project patched two buffer overflow
vulnerabilities (CVE-2022-3786; CVE-2022-3602). Under certain circumstances, an
exploit could have resulted in an application crash (denial of service) or
potential remote code execution.

Remediation

We have updated all our container images to include the latest OpenSSL version
(#14333).

Published at 11/08/2022, 9:22 AM

If you think you may have discovered a vulnerability, please send us a note.
