For the best web experience, please use IE11+, Chrome, Firefox, or Safari

OneLogin Compliance Commitment

As a security-first company, data and privacy protection are our # 1 priority.

Network Scans

Network Scans

Network vulnerability scans are performed using a PCI ASV (Approved Scanning Vendor) solution on a quarterly basis. These scans are performed internally and externally as part of PCI requirements. Monitoring tools are also used to verify whether OneLogin systems are susceptible to emerging vulnerabilities by scanning the software packages installed on each system.

What’s the primary purpose of this initiative?

Network vulnerability scans help OneLogin identify vulnerabilities and misconfigurations of websites, applications, and information technology infrastructures.

What’s the scope?

Internal and external scans of the network environment.

How often are you evaluated/audited?

Network scans are performed on a quarterly basis and monitoring tools report ad hoc on emerging vulnerabilities.

Who is the primary audience?

OneLogin - internal use only

Responsible Disclosures

We take security seriously at OneLogin. As part of our ongoing commitment to provide a best-in-class cloud service, we leverage independent third parties to help us strengthen our security. If you think you have discovered a security vulnerability, we appreciate your help in disclosing it to us in a responsible manner.

Report a vulnerability or view our Security Hall of Fame

Are you a Security Researcher?

We are always looking for talented individuals with security experience.