Lock

Lightrun Platform Security And Privacy

Lightrun works with tightly regulated, Fortune 100 organizations every single day. As such, our platform puts security first – ensuring every instrumentation meets the strict guidelines of the world’s leading standard bodies.

Read The Whitepaper 

ISO
AICPA SOC 2
GDPR
HIPAA compliant

Guardrails For The Enterprise

Our founding team grew up and cut their teeth in the cybersecurity industry and we built Lightrun following the same ideals. Lightrun is standard-compliant and enterprise-ready from the get-go: a developer tool for the modern engineering organization.

Security

No Access To Your Code

Lightrun assures organizations their code remains private and secure by never accessing it in the first place, either on the client or the SDK side.

Security

Enterprise-Grade Certifications

Lightrun is ISO-27001, SOC 2 Type II, GDPR and HIPAA compliant.

Security

Sandbox

Inserted Actions are emulated in a dedicated Sandbox to validate there are no side effects to the original flow and state.

Security

Encryption In Transit And At Rest

Traffic is encrypted using TLS v1.2 for security in transit and AES-256 for security at rest.

Security

Certificate Pinning

On both on the client and the SDK side.

Security

RBAC And Audit Trail

Lightrun activity, Actions and changes are logged and auditable with Lightrun providing several roles to support granular management and segregation of duties.

Security

Blocklisting And PII Redaction

Lightrun allows organizations to completely exclude specific code segments and redact specific patterns on the fly.

Security

SSO Support

Using SAML, OpenID, Okta, Google SSO and other providers.

The Lightrun Sandbox™

In order to give developers the best experience while maintaining the safety of the live application, every Lightrun SDK™ comes pre-packaged with its own Lightrun Sandbox™, a robust, patented mechanism that ensures that each Action is:

  • Read-Only: each Lightrun Action is verified during invocation to ensure it does not have any unwanted side effects, blocking the Action and sharing the error to the client if it does
  • Performant: each Lightrun Action is throttled and rate-limited to ensure that the application continues to perform as intended
  • Private: PII Redaction and blocklisting are first-class citizens, ensuring no private or sensitive information is leaked

Download Product Whitepaper 

Security

No Source Code Access

The Lightrun Platform does not rely on getting access to your source code repositories in order to access your application.

Instead, the Lightrun IDE Plugins utilize the IDE’s built-in code-indexing mechanisms in order to collect just the information required without using intrusive code-scanning techniques.

No source code is ever transmitted over the wire, only the basic metadata required to place an Action in the live application.

Security

Data Privacy

Lightrun supports file and package level blocklists, which allow system administrators to restrict access to certain resources and to restrict access to PII and other sensitive data.

As an additional security practice, Lightrun administrators can define system-wide ‘redaction expressions’ to ensure that sensitive information is never exposed to developers.

Learn More About Data Security 

Security

Fully Traceable And Auditable

Each activity executed by the Lightrun SDK™, Lightrun users (using a Lightrun IDE Plugin / CLI Client) as well as every integration is logged automatically.

A filterable audit log of all of these activities is readily available from the Lightrun Management Server to account for any security or compliance considerations that may arise.

Learn More About Auditing

Security

Completely Compliant

Lightrun works with major enterprises across the world – including Fortune 100 companies – and adheres to strict compliance standards and security guidelines.

The Lightrun Platform consistently earns praise and accolades for its innovative approach to real-time, safe, instrumentation and is ISO-27001, SOC2 Type II, HIPAA and GDPR compliant.

Security

Get Down To Business

Let one of our Observability Specialists walk you through the Lightrun platform.

Lets Talk!

Looking for more information about Lightrun and debugging?
We’d love to hear from you!
Drop us a line and we’ll get back to you shortly.

By submitting this form, I agree to Lightrun’s Privacy Policy and Terms of Use.