Announcing the ngrok security and trust portal | ngrok blog

Today I'm excited to announce an important step in ngrok's security journey: the ngrok security and trust portal. Our portal provides information about the security of the ngrok service, our shared security model, how we handle data, the steps we take to protect it, and our ongoing commitment to transparency.

ngrok's security programCopy link to clipboard

Our top priority with the trust portal is to help people quickly understand our security policies and practices. To make sure the information is crisp and easy to navigate, customers can review ngrok’s security controls under 14 key categories — ranging from legal to administrative to technical controls:

Within each category, you will find more information about ngrok’s controls, why they matter, and how we're applying them.

Streamlining security and compliance reviewsCopy link to clipboard

The ngrok trust portal is also built to simplify how our customers and prospects collect information about ngrok. From our trust page, security and compliance teams can request access to documents such as our SOC 2 reports and internal security policies. The ngrok trust portal automatically routes requests, processes NDAs, and releases documents upon approval, insulating security and compliance teams from navigating these steps manually with never ending email chains, shared Google drives, and ongoing checklists.

Reporting issues with easeCopy link to clipboard

We've also added a Report Issue button to the ngrok trust portal to provide you with a quick way to report abuse or security issues within our service. The issues reported are routed directly to our support, engineering, abuse, and security teams for a quick turnaround.

This is just the beginningCopy link to clipboard

The security and trust portal is one of the many features we implemented at ngrok to show our commitment to security and transparency, alongside our SOC 2 report, and new product features for access control and observability. We remain committed to continuously improving our privacy and security practices, with more capabilities coming soon.

We hope this is useful for developers and businesses alike. If you have questions or need to know more about us and our security program, reach out to us.