Silverfort was founded on secure practices and takes your company's data security extremely seriously. As such, we have developed this online diligence package with SafeBase.io to make it easy for our clients to assess the risks and the effectiveness of our controls related to the Confidentiality, Integrity, and Availability of our products and services. We are happy to address any questions not answered here during the diligence process.
Our security self-assessments use the 2023 SIG-LITE and CIAQ v4. In addition, we have a self-assessment available here that is based on SIG and contains additional common privacy questions related to GDPR compliance for our European customers.
Silverfort was architected with security in mind to ensure the product secures the customer's environment with no added risk. The core of Silverfort’s platform can be delivered on-prem as a hardened virtual appliance. Silverfort integrates with AD by installing an AD adapter. The AD adapter is minimal in its design and well-tested to reduce the attack surface as much as possible.
Most importantly, Silverfort doesn’t extract passwords, hashes, session keys or any other secret from AD. So even in the unlikely event that the virtual appliance is compromised, the AD secrets remain secure. Security is an important consideration in the design of every feature in Silverfort. Among other controls, all code is peer reviewed, and the product undergoes periodic external testing. The product is considered a Microsoft-preferred solution and received the Microsoft Intelligent Security Association Zero Trust Champion award.
Silverfort benchmarks its cybersecurity program against the following standards, controls, and frameworks: ISO27xxx, ITIL, NIST Cybersecurity Framework, SANS Top20 CSC & SANS Common Weakness Enumeration (CWE) 25, the CIS Controls (V8), the COSO Enterprise Risk Framework, OWASP including OWASP Top 10, and AICPA SOC2 Type 2 Trust Services Criteria for Security, Confidentiality, Availability, Privacy, and Integrity Controls.
Regarding https://nvd.nist.gov/vuln/detail/CVE-2024-3094, where a vulnerability allowed malicious code to be inserted into the upstream xz tarballs via a modified liblzma, Silverfort has confirmed that neither our on-premises deployment nor our SaaS application and messaging services are affected by this vulnerability. Please feel free to contact us at security@silverfort.com if you have any other questions.