Hello, I was wondering where I would be able to find the RTO/RPO for SonarCloud.
I have had a look at the trust center/whistic profile and i cant find the exact figures listed anywhere I just wanted to see if I could be linked/pointed in the direct of the webpage/document that contains the figures.
Thanks
I don’t believe we have these figures published anywhere. If you are using SonarCloud Enterprise, you may be interested in the documentation on SLA.
Ok thanks Colin. I could not see them on that page you linked. Is there anyway I could get these figures so that I am able to complete the Due Diligence assessment.
Thanks
Hey @Zack
All I can share is links to our Trust Center (see Hosting and Resilience) and SLA (as before). We don’t publish an RTO/RPO figure.
Hi Colin,
Ok thanks.
I got a couple other questions to help me close out the assessment.
When the service is terminated (the customer decides to it no longer wants to use the service) how quickly is the customer data removed and is it removed in line with any security practices? e.g. NIST 800-80, IEEE?
Does SonarSource use any AI in order to process customer data?
Do you have a direct POC (point of contact) that could be used for the next annual review on products provided by SonarSource?
Lastly Has there been any reported security incidents within the last 12 months?
Thanks
Hi Colin, Just wanted to see if there was any updates on my previous message
Hey Zack.
If it’s not in our Trust Center (which includes information about data retention, and data subprocessors), I don’t have any secret extra info.
This is a Community forum, we aren’t filling out security questionnaires. You may be able to try your luck, in a commercial context, with our contact forum.