Security & Compliance

Innovate with integrity and confidence

See Security Standards

SnapLogic’s Platform for Generative Integration complies with extremely high security and compliance standards,
providing customers with secure data integration.

SnapLogic Enterprise Integration Cloud Architecture
SnapLogic’s Platform for Generative Integration Architecture

Cloud Application Security

SnapLogic’s platform allows users to control access rights. SnapLogic does not collect any personal information on behalf of its customers, does not control such information, and does not monitor the content of pipelines run in SnapLogic’s Platform for Generative Integration.

  • SnapLogic’s Platform for Generative Integration Metadata and log files are hosted on the Amazon Web Service cloud infrastructure.
  • SnapLogic is 100-percent Amazon Web Services-based and inherently leverages AWS’s powerful security and compliance capabilities.

Access the Security and Privacy Overview White Paper

Download Now

Cloud Application Security with AWS
Data Management and Data Encryption icon

Data Management and Data Encryption

SnapLogic protects sensitive customer data through a combination of access controls and encryption. SnapLogic:

  • Encrypts data at the disk level with the account data stored in a server-side encrypted bucket in the Amazon S3 environment.
  • Does not, by default, persist customer data.
  • Encrypts data fields at the account level and only operates on the customer data using customer-defined pipelines that may perform any necessary data operations.

Runtime Data Security

SnapLogic’s Platform for Generative Integration is a stateless engine, meaning it does not store runtime or business-related data. Only customer metadata is stored in the SnapLogic platform.

  • Pre-built connectors, Snaps, leverage the endpoint security whether using a secure JDBC connection to a database or invoking a HTTPS-based REST or SOAP API to send and receive encrypted data.
  • Account credentials used to access endpoints from SnapLogic are encrypted using a private key/public key model. The account data when created, is encrypted with the public key in the browser, then stored in encrypted form in the control plane, subsequently decrypted with the private key in the Snaplex, just-in-time for use to connect to the endpoint. With the enhanced Account Encryption option, the Private key is never in SnapLogic’s control, ensuring the customer’s integrity may never be breached even in the event of a compromise on the SnapLogic side.
Runtime Data Security icon
Password Security Management icon

Password Security Management

The SnapLogic Platform server supports an authentication and privilege model that allows the administrator to grant, limit, or restrict access to components and pipelines.

  • The server applies access rules to all requests and grants or denies access depending on the type of operation attempted by the user.
  • Users who share a particular responsibility can be assigned to groups.
  • SnapLogic supports SSO through Security Assertion Markup Language (SAML) standard or Active Directory.
  • Supported authentication methods include Open AM, OKTA, and Ping.

Security and Compliance Certifications

SnapLogic upholds the highest security and compliance standards so that our customers do not have to compromise data integration with security and governance.

SnapLogic’s Platform for Generative Integration is certified by third parties with:

  • SOC 1 Type 2 (ISAE 3402 / SSAE18)
  • SOC 2 Type 2
  • SOC 3

Platform is compliant with:

  • CCPA (California Consumer Privacy Act)
  • GDPR (EU: General Data Privacy Regulation)
  • General Privacy Standards

The SnapLogic platform runs on Amazon Web Services (AWS) cloud infrastructure, one of the most powerful and flexible cloud computing environments. We leverage the security and compliance capabilities of AWS, including ISO 9001, ISO 27001, ISO 27017, ISO 27018, SEC Rule 17-a-4(f), DIACAP, FISMA, ITAR, CIS, CJIS, CSA, MPAA, MTCS Tier 3, G-Cloud, and DoD CSM Levels 1-2 and 3-5.



While SnapLogic does not store any customer data within the platform, metadata resides in the platform. The metadata is secured inside the protected SnapLogic environment, and only accessed by the SnapLogic Control Plane Services – no access is permitted by any outside service. Additionally, sensitive data, such as account information is always encrypted.

Network and Facilities Infrastructure Security

Network and Facilities Infrastructure Security

SnapLogic’s Platform for Generative Integration supports all application and data integration processes – on-premises, cloud, hybrid, or embedded. SnapLogic consists of a multi-tenant cloud service for creating, managing, and monitoring integrations – data processing can be run in a private cloud and/or behind your firewall.

Communication with Endpoints

Communication with Endpoints

Communication between the SnapLogic Integration Cloud, the control plane, and the on-premises processing components is established via SSL encryption on port 443. Communication between the control plane and cloud-based processing components is over HTTPS. The SnapLogic platform communicates with the data plane over HTTPS.

Need to Report a Security Issue?

If you believe you’ve discovered a vulnerability in SnapLogic’s security or have a security inquiry, please contact us at [email protected] and we will promptly respond.