SolarWinds Trust Center
The latest tips and assets developed for you
Secure by Design – and secure by default
SolarWinds follows a defined software development methodology designed to increase the resiliency and security of our products. This process follows U.S. federal guidelines for secure software development as described in the National Institute of Standards & Technology Secure Software Development Framework (SSDF). Additionally, we follow guidelines described in the Enduring Security Framework (ESF).
- We have formed a cross-functional team of experts to review these guidelines and adjust our processes as required
- We conducted a thorough gap analysis of our development process against the controls recommended in the SSDF
- We identified which controls we met or did not meet
- We then adjusted our processes to meet the unmet controls, or developed alternate secure processes
Security Statement
We strive to implement and maintain appropriate administrative, physical, and technical safeguards, security processes, procedures, and standards designed to protect the confidentiality and security of our customer data.
Vendor Data Protection Requirements
Third-party vendors are used to provide SolarWinds with various goods and services to help facilitate its business. Before entering any third-party relationships, we take deliberate steps to assess the risk related to the vendor relationship. We take care to understand the compliance, reputational, strategic, operational, and transactional risks relating to a particular vendor before entering into a contractual relationship.
SolarWinds follows a defined software development methodology designed to increase the resiliency and security of our products. This process follows U.S. federal guidelines for secure software development as described in the National Institute of Standards & Technology Secure Software Development Framework (SSDF). Additionally, we follow guidelines described in the Enduring Security Framework (ESF).
- We have formed a cross-functional team of experts to review these guidelines and adjust our processes as required
- We conducted a thorough gap analysis of our development process against the controls recommended in the SSDF
- We identified which controls we met or did not meet
- We then adjusted our processes to meet the unmet controls, or developed alternate secure processes
Security Statement
We strive to implement and maintain appropriate administrative, physical, and technical safeguards, security processes, procedures, and standards designed to protect the confidentiality and security of our customer data.
Vendor Data Protection Requirements
Third-party vendors are used to provide SolarWinds with various goods and services to help facilitate its business. Before entering any third-party relationships, we take deliberate steps to assess the risk related to the vendor relationship. We take care to understand the compliance, reputational, strategic, operational, and transactional risks relating to a particular vendor before entering into a contractual relationship.
Case Study
Zenith Pensions relies on SolarWinds for simple, powerful, secure solutions
Follow Zenith's story: Vulnerable to phishing attacks after emailing sensitive info. Witness their journey to a secure file transfer solution.
We hold ourselves to high standards of excellence
Secure file transfer and file sharing from an intuitive, central console
ISO/IEC 27001:2022
The scope of the ISO/IEC 27001:2022 certification is limited to the information security management system (ISMS) supporting the development, maintenance, operations, and support of the SolarWinds products and services (which provide monitoring, observability, incident response and service management capabilities for IT systems, applications, and infrastructure across cloud and on-premises environments) and is additionally inclusive of the controls and control implementation guidance of ISO/IEC 27017:2015 and ISO/IEC 27018:2025, and in accordance with the statement of applicability, version 4.0.
Locations include:
- Austin, Texas
- Charlotte, North Carolina
- Reston, Virginia
- Brno, Czech Republic
- Cork, Ireland
- Krakow, Poland
- Taguig City, Philippines
- Bengaluru, India
To verify certification status please click on the following link: https://www.schellman.com/certificate-directory?certificateNumber=1985896-5
ISO/IEC 27001:2022
The scope of the ISO/IEC 27001:2022 certification is limited to the information security management system (ISMS) supporting the development, maintenance, operations, and support of the SolarWinds products and services (which provide monitoring, observability, incident response and service management capabilities for IT systems, applications, and infrastructure across cloud and on-premises environments) and is additionally inclusive of the controls and control implementation guidance of ISO/IEC 27017:2015 and ISO/IEC 27018:2025, and in accordance with the statement of applicability, version 4.0.
Locations include:
- Austin, Texas
- Charlotte, North Carolina
- Reston, Virginia
- Brno, Czech Republic
- Cork, Ireland
- Krakow, Poland
- Taguig City, Philippines
- Bengaluru, India
To verify certification status please click on the following link: https://www.schellman.com/certificate-directory?certificateNumber=1985896-5
Next Feature:
Security Leaders
Becky Melton
Becky Melton serves as General Counsel and Group Vice President of Corporate Legal at SolarWinds, where she provides senior legal leadership, oversees enterprise-wide legal strategy, and supports the company’s global growth initiatives. She brings extensive expertise in corporate governance, commercial transactions, employment law, and regulatory compliance.
David Ramsey
David Ramsey is our Group Vice President and Chief Information Officer at SolarWinds, where he leads the company’s global IT strategy and operations. With 28 years of CIO experience across multiple companies, he brings deep cross‑industry expertise in modernizing technology and aligning IT with business outcomes. At SolarWinds, he plays a key role in the company’s transformation, applying lessons from prior CIO roles and advisory work.
Brad Cline
Brad Cline, Vice President of Information Technology at SolarWinds, is responsible for strategically directing, developing, and managing the organization’s IT systems and applications. He has over 20 years of engineering experience with 14 years in a leadership role working across the business, providing strategic thought leadership to optimize global business operations and foster continuous improvement and innovation.