Product
Lab Engine

A sandbox for any software

Embeddable Labs

Self-paced learning that works

AI Training Assistant

Elevate your learner experiance

Virtual Classroom

Deliver engaging live training

Solutions

USE CASES

Hands-on Training

Engage learners with live and self-paced hands-on training

Product Demos & POCs

Showcase your software effectively

Events & Workshops

Boost workshop impact

Developer Marketing

Engage technical users with interactive training

Training Partner Management

Manage and track external training partners

INDUSTRIES & TEAMS

Customer Education

Set your customers and partners up for success

Training Providers

Take your training business to the next level

Digital Transformation

Upskill your workforce

Resources

EXPLORE

Blog

Check out our latest stories

Case studies

See what success with Strigo looks like

LEARN

Help center

Need help with Strigo? Browse our knowledge base

APIs and developers

Integrate Strigo into your training workflows

Glossary

Key educational terminology

MORE

Trust and security

Your data is protected with Strigo

Professional services

Get hands-on help, dedicated support or expert guidance

PricingSupport
Learner access
Log in
Book a demo

Legal hub

Stay informed about the security, compliance, and privacy of our products and services.

Term of servicePrivacy policyData processing addendumSubprocessorsSecurity

Security statement

Last Updated: August 07, 2023

‍

Compliance

  • At Strigo, we know that compliance is a top priority for your business and understand the importance of fitting into your ecosystem of services and vendors.
  • We employ data protection and privacy by design, combining enterprise-grade security features with comprehensive audits of our policies, applications, systems, and networks. Strigo follows strict international standards and regulations in order to keep your information safe.
  • Our privacy & security team includes a Data Protection Officer (DPO), Chief Information Security Officer (CISO), and a Compliance Officer, who continuously ensure that Strigo’s practices and products comply with various standards and regulations. 

Compliance | SOC-2

  • We are SOC-2 Type II accredited and matinain our compliance on an annual basis.
  • The SOC-2 report can be sent upon request and after singing a relevant NDA.

Compliance | GDPR

  • We are GDPR-compliant and maintain the compliance ourselves while your business may simultaneously adapt its compliance preferences as a controller.
  • Our Terms of Service, Privacy Policy, and Data Processing Addendum (DPA) are up-to-date and reflect our GDPR readiness.

Datacenter and network security

  • Strigo hosts its software in Amazon Web Services (AWS) facilities in Ireland. Amazon provides an extensive list of compliance and regulatory assurances, including SOC 13 and ISO 27001. See Amazon’s compliance and security documents for more detailed information.
  • The servers providing Strigo’s service are located in Ireland as well.
  • All of Strigo’s servers are located within Strigo’s own virtual private cloud (VPC), protected by restricted security groups allowing only the minimal required communication to and between the servers.
  • Additional servers that relay data from end-user browsers to remote virtual machines are located in the US, Europe, Singapore, Tokyo, and Australia. Only the data of users’ interactions with their virtual lab machines goes through these servers.
  • Strigo conducts network vulnerability scans at least annually.

Application security

  • In addition to Strigo’s extensive testing program, Strigo conducts application penetration testing by a third party at least annually.
  • Single sign-on (SSO) allows you to authenticate users without requiring them to enter login credentials for your Strigo instance. Strigo supports SSO using SAML and G-Suite.
  • User passwords are salted, irreversibly hashed, and stored in Strigo’s database. Audit logging lets administrators see when users last logged in.

Data security

  • All data transfer to/from Strigo is encrypted using SSL, and any attempt to connect over HTTP is redirected to HTTPS.
  • All customer data (including call recordings and transcripts) is encrypted at rest and in transit.
  • System passwords are encrypted, and access to specific production systems is restricted.
  • We use industry-standard MongoDB data storage systems hosted on AWS and/or by the respective vendors.
  • We take regular snapshots of the database so that we can restore it as needed.
  • Personal customer data is stored in the Strigo databases that are located in Ireland.
  • Data access and authorizations are provided on a need-to-know basis and based on the principle of least privilege. Access to the AWS production system is restricted to authorized personnel.

Security policies and secure development life cycle (SDLC) 

  • Strigo maintains security policies that are maintained, communicated, and approved by management to ensure everyone clearly knows their security responsibilities.
  • Code development is done through a documented SDLC process. Design of all new product functionality is reviewed by relevant security personnel. Strigo conducts mandatory code reviews for code changes and periodic in-depth security review of architecture and sensitive code. Strigo development and testing environments are separate from its production environment.
  • Employee hiring process includes background screening.
  • At least annually, engineers participate in secure code training covering OWASP Top 10 security flaws, common attack vectors, and Strigo security controls. 
  • Vulnerability Disclosure Process – Strigo considers privacy and security to be core functions of our platform. Earning and keeping the trust of our customers is our top priority, so we hold ourselves to the highest privacy and security standards. If you have discovered a security or privacy issue that you believe we should know about, we would love to hear from you. Please reach out to us at security@strigo.io and let us know.

Application monitoring

  • All access to Strigo applications is logged and audited.
  • Logs are kept for at least one year.
  • Strigo maintains a formal incident response plan for major events.

Uptime

Strigo maintains a publicly available system-status webpage which includes system availability details, scheduled maintenance, service incident history, and relevant security events.

Product
Lab EngineEmbeddable LabsVirtual ClassroomAI Training Assistant
Solutions
Hands-on TrainingProduct Demos & POCsEvents & WorkshopsDeveloper MarketingTraining Partner ManagementCustomer EducationTraining ProvidersDigital Transformation
Learn
Help CenterCase StudiesGlossaryAPIs and Developers
Resources
BlogTrust and SecurityProfessional Services
Company
About usWork with us
© 2025 Strigo. All rights reserved.
Privacy PolicyTerms of ServiceSecurityCookie SettingsService Status