WhizAI Trust Center

WhizAI has implemented a comprehensive risk management framework to identify, assess, and manage risks to our systems and data. We conduct regular risk assessments to identify potential threats and vulnerabilities, and we prioritize risk mitigation efforts based on their potential impact. Our risk management approach is integrated into our day-to-day operations, and our employees and contractors are trained to be aware of potential risks and report any suspicious activities promptly. By taking a proactive approach to risk management, we are able to maintain a secure environment for our customers' data and meet the rigorous SOC 2 compliance requirements.

We conduct regular vulnerability assessments to identify potential weaknesses in our systems and promptly address them. We have implemented a robust patch management process to ensure that all security patches and updates are applied promptly. Our employees and contractors are trained to be aware of potential vulnerabilities and report any suspicious activities promptly. We also conduct regular penetration testing to identify potential vulnerabilities and assess the effectiveness of our security controls. Our vulnerability management approach is integrated into our day-to-day operations, and we continuously strive to improve our processes to maintain the highest standards of data protection and security.

When software vulnerabilities are revealed and addressed by a vendor patch, WhizAI will obtain the patch from the applicable vendor and apply it within an appropriate time frame in accordance with WhizAI’s then-current vulnerability management and security patch management standard operating procedure and only after it is tested and determined to be safe for installation in all production systems.

WhizAI has implemented a responsible disclosure program to encourage the reporting of any potential security vulnerabilities by external parties. Our responsible disclosure program provides clear guidelines on how to report vulnerabilities and encourages ethical disclosure. We prioritize the prompt and efficient resolution of any reported vulnerabilities and acknowledge and thank individuals who report vulnerabilities responsibly. Our responsible disclosure program helps us maintain a secure environment for our customers' data and allows us to continuously improve our security posture. We encourage anyone who believes they have found a security vulnerability in our systems to report it promptly through our responsible disclosure program.