Back to blog

Sourcegraph is now ISO 27001:2022 certified

Dora Neumeier
April 9, 2025

Sourcegraph has achieved ISO/IEC 27001:2022 certification, reinforcing our commitment to the highest standards of information security for the enterprise.

ISO 27001 defines a rigorous framework for how organizations manage and protect information - covering everything from risk management and access control to data governance and incident response. This certification affirms that Sourcegraph has implemented a comprehensive, independently audited security program - designed to protect the confidentiality, integrity, and availability of customer data across our products, systems, and operations.

For customers - especially large enterprises and global organizations - this certification is a clear signal that Sourcegraph meets the highest standards for security and data protection.

Scope

  • Enterprise Self-Hosted
  • Enterprise Cloud
  • Enterprise Starter
  • Included Features:
    • Cody
      • Chat
      • Autocomplete
      • Prompt Library
    • Code Search
      • Search
      • Batch Changes
      • Code Insights

A continued commitment to trust

Our customers place their trust in us, and we take that responsibility seriously. Security isn’t a one-time checkbox - it’s an ongoing, embedded commitment in how we build, operate, and support Sourcegraph every day.

We maintain a proactive Governance, Risk, and Compliance (GRC) program that includes continuous monitoring, regular risk assessments, and real-time visibility into our security controls. This allows us to identify and respond to potential threats quickly and effectively.

Security is also deeply rooted in our culture. From onboarding to daily operations, we foster a strong security awareness mindset across all teams. Regular training, threat simulations, and cross-functional collaboration ensure that everyone at Sourcegraph plays an active role in protecting customer data.

ISO27001 certification is a meaningful milestone, but it’s just one part of our broader security journey. We remain committed to building secure, reliable, and trusted solutions that empower our users to do their best work - with full confidence their data is always protected.

ISO 27001 certification joins our existing SOC 2 Type II attestation and compliance with GDPR and CCPA. You can view and download our certifications in our Security Portal, and explore our broader approach to security, compliance, and trust.

Subscribe for the latest code AI news and product updates

Ready to accelerate
how you build software?

Use Sourcegraph to industrialize your software development

Get started
Book a demo
Accelerating how software is built
Features
AI Editor Assistant
Code Search
Agents
Batch Changes
Resources
Documentation
Resource Library
Blog
Changelog
Case Studies
Community
Support Forum
Company
About
Careers
Contact
Handbook
Brand Guide
Pricing
Services
© 2025 Sourcegraph, Inc.
System statusTerms of servicePrivacy policy