Security Bulletin

Last Updated: April 30, 2026

Vasion maintains a robust security program as an ISO 27001:2013 and SOC2 Type 2 certified solution to promptly address any and all security vulnerabilities when discovered. Meeting the ISO standard involves an extensive process of becoming ISO-compliant to better meet our customers’ business, legal, and regulatory requirements. As a globally-recognized security program, maintaining an ISO certification shows a commitment to executing high-quality security practices and improving our security posture through defined processes and documentation.

Our security policies are articulated here that details these certifications as well as the approach to:

Physical Security.
Network Security.
Application Security.
Training.
Data Protection.

Our Vasion Trust Center describes in detail the security tests we’ve run, the polices that we apply and adhere to, as well as a number of monitoring tests we regularly run.

Bulletins

Security bulletins with CVE identifiers are issued for Scheduled Release SaaS (SRS) and Virtual Appliance environments. Vasion Now, as a continuously deployed environment (CI/CD), receives automatic security updates and is not included in version-specific security bulletins.

For more details refer to Virtual Appliance Security Bulletin or adjust the Delivery Model to Scheduled Release SaaS (SRS) in the upper-right.