Sophos Trust Center 

At Sophos, we understand that trust is built — not claimed — and we work to earn it every day through transparency, integrity, and a steadfast commitment to protecting security and privacy.

Trust Center

Recent updates

Sophos supports financial entity compliance with DORA

Learn more

Advisory: Apache Parquet Vulnerability (CVE-2025-30065)

View advisory

INC-2025-001 Sophos Email abused to send spam messages

Read the RCA

waveform-green

Trust is earned through transparency. Explore how we build, protect, and improve the products and services you rely on.

Check Shield Icon

Security

How we design, test, and disclose security measures to safeguard our systems and protect against threats.

Check Clipboard Icon

Compliance

Our commitment to meeting global security standards, regulations, and certification requirements.

Cloud Lock Icon

Data protection and privacy

Our approach to data protection, transparency, and user privacy rights across our products and services.

People Icon

Governance

The principles, policies, and agreements that shape our ethical, legal, and corporate responsibilities.

Wire Globe Icon

Environmental

Our impact-driven sustainability efforts, from reducing e-waste to ensuring workplace safety.

Lightbulb Icon

Resilience

How we maintain uptime, analyze incidents, and continuously strengthen our service reliability.

Compliance and certifications

Sophos follows leading security and compliance standards to help you meet regulatory requirements and stay audit-ready.

iso logo
aicpa logo
pci
hipaa

 

GDPR logo
nist
NIS2 logo

 

View all certifications CTA

Transparent. Always.

Trust must be earned and verified, which is why transparency is a longstanding cornerstone of Sophos’s philosophy guiding how we share security insights, collaborate, and continuously improve.

Open security disclosures icon

 

Open security disclosures

We publish timely and detailed information about security measures, vulnerabilities, incidents and policies to relevant stakeholders.

Shared threat intelligence icon

 

Shared threat intelligence

We share threat intelligence with industry partners and international government agencies, documenting security protocols and communicating openly about breaches or risks.

Continuous improvement icon

 

Continuous improvement

We are open about the weaknesses we have uncovered. This allows others to benefit from what we've learned on our journey to continuously improve the quality and reliability of our products and services.

Transparency in practice: Pacific Rim

Discover how Sophos X-Ops identified a targeted campaign by Chinese nation-state actors—turning the threat into an opportunity to strengthen our defenses and inform the security community.

Read the full report
ocean waves
Joe Levy

This is where we begin to make a difference in the world. To not only keep our customers more secure, but to demonstrate to them how we're keeping them more secure.

Joe Levy, Sophos Chief Executive Officer

light-wave

Reporting security issues

We believe security is a shared effort. Since 2018, our Bug Bounty community has helped uncover over 1,200 vulnerabilities, earning nearly $500,000 in rewards. Join us in making the digital world safer.

Report a vulnerability

light-wave