Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Overview

Welcome to Blue dot's Trust Center.

Blue dot is a Software as a Service provider offering services pertaining to tax reclamation and compliance in a modern world where employees are empowered to make expenses for the company.

Use this Trust Center to learn about our security posture and request access to our security documentation.

Compliance

CSA STAR Logo
CSA STAR
GDPR Logo
GDPR
ISO 27001 Logo
ISO 27001
SOC 2 Logo
SOC 2
Start your security review
View & download sensitive information
Ask for information

Documents

All
Public
Private
Security Whitepaper
ISO 27001
SSO Support
Privacy Whitepaper
Information Security Policy

Risk Profile

Data Access LevelInternal
Impact LevelModerate
Recovery Time Objective24-48 hours
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Network Diagram
Pentest Report
Security Whitepaper
View more

Self-Assessments

CAIQ

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Responsible Disclosure
Code Analysis
Secure Development Training
View more

Legal

SubprocessorsGoogle Cloud-company-logoHubSpot-company-logoLightico-company-logoSafeBase-company-logoSnowflake-company-logo
Data Processing Agreement
Master Services Agreement

Data Privacy

Data Breach Notifications
Data Privacy Officer
Employee Privacy Training
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Anti-DDoS
BC/DR
View more

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Threat Detection

Network Security

Firewall
IDS/IPS
Virtual Private Cloud

Corporate Security

Email Protection
Employee Training
Incident Response
View more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
View more

Security Grades

ImmuniWeb
Blue dot Platform
A
Qualys SSL Labs
Blue dot Platform
A+

Trust Center Updates

Blue dot receives updated SOC2 report

ComplianceCopy link

Blue dot has received it's updated SOC2 type 2 report, covering the period of December 1, 2022, to November 30, 2023. No deviations noted

Published at N/A

Blue dot Update on libwebp Vulnerability

VulnerabilitiesCopy link

Recently a zero-day vulnerability has been announced pertaining to exploitability of libwebp library (CVE-2023-4863).

Blue dot has conducted thorough investigations and is fully protected against both vulnerabilities.

There is no evidence of any exploitation, and there is no action required from Blue dot customers. We have checked with our sub-processors and are monitoring their responses.

Published at N/A*

If you think you may have discovered a vulnerability, please send us a note.

Report Issue
Powered bySafeBase Logo