Q: Does UiPath conform to any information security standards and regulations?
ISO/IEC 27001 - UiPath has engaged a certification body accredited by the ANSI National Accreditation Board (ANAB) and United Kingdom Accreditation Service (UKAS) to audit UiPath’s information security management system (ISMS) annually for conformity with the ISO/IEC 27001:2013 standard and aligned to meet the control implementation guidance and additional control sets of ISO/IEC 27017:2015 and ISO/IEC 27018:2019. The corresponding certification has been issued, the scope of which is detailed therein.
Veracode - UiPath has achieved Veracode Continuous Certification for our products.
SOC 2 - UiPath has engaged an independent certified public accounting firm to examine controls relevant to American Institute of Certified Public Accountants (AICPA) Trust Services Criteria for security, availability, and confidentiality relevant to the UiPath cloud offerings and issue SOC 2® reports every six months.
For information on our regulatory compliance program, please check our Security page.
Q: Does UiPath share the data used with our products with third parties?
UiPath does not share nor has access to your data when you use UiPath products installed on premise.
UiPath shares customer data with its sub-processors, when you are using UiPath cloud products.
For more information about how UiPath processes personal data used with UiPath products please check our Privacy section.
Q: Is data used with UiPath cloud products encrypted?
UiPath encrypts customer data in transit and at rest.
All customer data stored within UiPath cloud products and services is encrypted in transit over public networks using Transport Layer Security (TLS) 1.2+ to protect it from unauthorized disclosure or modification.
Customer data stored in UiPath cloud products and services is AES encrypted at rest.
Q: Is Transport Layer Security (TLS) always used for communications to UiPath cloud products?
Yes, all UiPath Cloud systems only use TLS for communication. In line with Industry standards, we have disabled TLS 1.0, TLS 1.1, and all versions of SSL.
Q: How are passwords for UiPath products stored?
User passwords are cryptographically hashed within all UiPath products. Robot passwords are encrypted with AES 256 bit encryption.
Q: I found a vulnerability in one of your products, how do I report it?
If you are a member of our Bug Bounty program, please report it there.
If you are not a member of the program, please let us know immediately by contacting us directly at firstname.lastname@example.org.