Security at Patchable

We take security seriously. Patchable is built with defense-in-depth principles to protect your organization's data at every layer.

Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Agent-to-server communication uses certificate pinning.

  • TLS 1.3 for all connections
  • AES-256 encryption at rest
  • Certificate pinning on agent

Access Controls

Multi-tenant architecture with row-level security ensures strict data isolation between organizations.

  • Row-level security (RLS)
  • SSO with SAML & OIDC
  • Multi-factor authentication

Compliance

Patchable is designed to help your organization meet compliance requirements across common frameworks.

  • SOC 2 Type II readiness
  • Audit logging & retention
  • Exportable compliance reports

Infrastructure

Hosted on industry-leading cloud infrastructure with automated backups and disaster recovery.

  • Automated daily backups
  • 99.9% uptime SLA
  • Disaster recovery plan

Agent Security

The Patchable agent is code-signed and runs with minimal privileges, only elevating when deploying approved updates.

  • Code-signed binaries
  • Least-privilege execution
  • Signed patch scripts

Vulnerability Management

We regularly test our own systems and maintain a responsible disclosure policy for security researchers.

  • Regular penetration testing
  • Dependency scanning
  • Responsible disclosure program

Security questions?

If you have security concerns or want to report a vulnerability, please contact our security team.