Fort Knox,
encrypted.

We take security seriously. Like bank level security. Don’t just take our word for it, we can back that up.

     .------.
    / .----. \
   / /      \ \
   | |      | |
  _| |______| |_
.' |_|      |_| '.
'._____ __ _____.'
|     .'__'.     |
'.__.'.'  '.'.__.'
'.__  |    |  __.'
|   '.'.__.'.'   |
'.____'.__.'____.'
'.______________.'

1. We don't store your code.
We never store a single line of your code and we never will. We only analyse team contributions to determine the best owners and get a better understanding of distribution.

Find out more about our app permissions and why we need them here.

2. OAuth first authentication.
We let GitHub handle authentication since they are the experts at managing code access. Using OAuth to access CODEOWNERS, you can always remove our application or remove access to your account through GitHub settings. Quick and painless.

3. Secure integrations.
We only use external services that are fully encrypted and safe. All of our vendors have SOC2 compliance and very strict security measures.

4. SOC 2 compliant.
Codeowners is proud to announce it has successfully completed the System and Organization Controls (SOC) 2 Type I and Type II examinations in recognition of its commitment to information security. Developed by the American Institute of CPAs (AICPA), SOC 2 (System and Organization Controls) defines criteria for managing customer data based on five “trust service principles” — security, availability, processing integrity, confidentiality, and privacy.

A SOC 2 examination provides organizations with a report on an organization’s internal controls and how it protects customer data and sensitive information. It is the standard for data security among digital companies in the U.S. and Canada. An independent auditor, Insight Assurance, conducted the detailed examination. Through this process, Codeowners demonstrated its adherence to data security, availability and confidentiality standards developed by the American Institute of Certified Public Accountants (AICPA).

With its SOC 2 recognition, Codeowners not only protects the safety of its customers’ data today but demonstrates that it has set the right standards in place for the future.

To earn SOC 2 certification, Codeowners completed the following during the audit periods:
● Assessment of the design and operating effectiveness of Codeowners controls
● Thorough examination of security of vendors and third parties
● Defined policies to ensure continued protection for customers and employees
● Codeowners is excited to be taking this important step to further its data protection practices.

5. All traffic is encrypted.
All of our traffic, in and out of CODEOWNERS is encrypted. That means no one can hijack a transaction or a message and save it for themselves. We also host all of our infrastructure in the same place to avoid external dependencies.

6. US/NY based infrastructure.
We host all of our servers and DBs within the same region/datacenter to avoid external access.

7. CI/CD with definitive PR protocols.
All deploys are handled through our very strict CI/CD tests and processes. All PRs must pass through our strict review and QA process before ever being deployed.

8. Regular pen testing.
We execute regular pen tests on our infrastructure to make sure our API doesn't leave any blind spots. We are extremely diligent to make sure everything is running smoothly.

9. Continuous monitoring.
We monitor every transaction on our server to avoid any errors while you use CODEOWNERS.com. Our team is constantly monitoring to make sure everything is running smoothly, with the help of robots 🤖.

10. Threat detection, DDoS protection.
With the help of our partners at Cloudflare, we are protected from DDoS attacks and other threats. You never know when someone wants to show up at the party without an invitation.

Stop guessing.
Find out exactly who knows best.

Install the extension on GitHub now and get started.

Install with GitHub

Fort Knox,encrypted.

Stop guessing.Find out exactly who knows best.

Fort Knox,
encrypted.

Stop guessing.
Find out exactly who knows best.