Sourcegraph self-hosted gives you the most control over deployment and security options.
A full list of tools and licenses can be found here.
For details on our information security practices or to request a copy of our SOC 2 Report, please visit our Security Trust Portal.
Go to Security Trust PortalFor a list of Sourcegraph's subprocessors, please visit the link below.
Go to SubprocessorsSourcegraph hosts a private bug bounty program on HackerOne. If you believe that you have found a vulnerability related to Sourcegraph, please reach out to security@sourcegraph.com with your HackerOne username. Sourcegraph will add you to the platform, where you can make a report, which will be processed according to the terms of our bug bounty policy.
Contact Security Team