Today I'm excited to announce an important step in ngrok's security journey: the ngrok security and trust portal. Our portal provides information about the security of the ngrok service, our shared security model, how we handle data, the steps we take to protect it, and our ongoing commitment to transparency.
ngrok's security program
Our top priority with the trust portal is to help people quickly understand our security policies and practices. To make sure the information is crisp and easy to navigate, customers can review ngrok’s security controls under 14 key categories — ranging from legal to administrative to technical controls:
Within each category, you will find more information about ngrok’s controls, why they matter, and how we're applying them.
Streamlining security and compliance reviews
The ngrok trust portal is also built to simplify how our customers and prospects collect information about ngrok. From our trust page, security and compliance teams can request access to documents such as our SOC 2 reports and internal security policies. The ngrok trust portal automatically routes requests, processes NDAs, and releases documents upon approval, insulating security and compliance teams from navigating these steps manually with never ending email chains, shared Google drives, and ongoing checklists.
Reporting issues with ease
We've also added a Report Issue button to the ngrok trust portal to provide you with a quick way to report abuse or security issues within our service. The issues reported are routed directly to our support, engineering, abuse, and security teams for a quick turnaround.
Ari is the Senior Director of Security Risk & Trust at ngrok. Over the course of her career, She built and ran security programs for companies ranging in size from startups to the Fortune 200, including Twilio, Okta, and Deloitte. She has a passion for building and scaling security teams and promoting security best practices.