Documents
We are constantly monitoring the security of our website. We will post our grades from public security rating agencies when they become available.
Hi all, Culture Amps Security Documentation may be temporarily only available in read only format as we tweak some settings with the underlying platform. For anyone performing due dilligence activities, most documentation should be downloadable (if required) hopefully by Monday US-time. The exception to this will be our SOC2 report, which will remain available in read only format indefinitely.
Culture Amp SOC2 Type 2 complete. SOC3 Report available for download from our security trust centre.
Culture Amp is not impacted by the Citrix Vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467).
If you think you may have discovered a vulnerability, please send us a note.