Overview
Welcome to gridX's Security Portal.
Our customers trust us with a crucial part of their business in a very sensitive and regulated area. We understand that if our services are unreachable, your company’s success might be affected. Consequently, we aim to go beyond industry best practices and be transparent about the security measures we take.
We actively foster a culture of security. As part of the development of new features and components, potential security issues are being analyzed and measures are taken. On this page, we provide an overview of gridX security measures and principles and dive into details of the respective components and how these security measures apply there. This page is not guaranteed to be a complete picture of all measures gridX applies as these are constantly evolving.
Compliance
We adhere to industry best practices and we are working towards compliance certifications.
Documents
Risk Profile
Product Security
Reports
We may provide security-related reports upon request.
Self-Assessments
We are working on our security compliance. We can provide completed questionnaires upon request.
Data Security
App Security
Legal
Data Privacy
Access Control
Infrastructure
Endpoint Security
Network Security
Corporate Security
Policies
Security Grades

Trust Center Updates
Given that a few of our subprocessors happen to be impacted by New Relic's recent breach, our security team started an investigation to assess whether any of our customers' data may have been impacted.
The result of this investigation was that no customer(-related) data was impacted by such an attack, which mainly impacted staging environments of New Relic on which data is stored that "provide visibility into how [New Relic's] customers are using New Relic and certain logs".
The file transfer platform MOVEit was recently affected by two zero-day vulnerabilities, CVE-2023-34362 and CVE-2023-35036, that enabled un-authenticated attackers to gain unauthorized access to MOVEit Transfer's database.
The security team at gridX has investigated the matter and concluded that:
- gridX does not utilize the MOVEit application or any other platforms that utilize it, such as Zellis.
- Similarly, gridX's subprocessors do not utilize any of the platforms affected by the aforementioned vulnerabilities.
If you think you may have discovered a vulnerability, please send us a note.