Buildkite is a continuous integration platform used by software development teams all over the world. We strive to provide a high level of security both organizationally, through company culture and formal controls, and technically, through our technical choices and the software we provide for you to use. If you have any questions, or encounter any issues, please email firstname.lastname@example.org.
We strive to work closely with the security community, and we operate a bug bounty program through HackerOne to reward those who find and report bugs in our platform. To see the terms and participate in the program, please email email@example.com and request an invite to our HackerOne program.
All of our services run in the cloud. Buildkite does not run its own routers, load balancers, DNS servers, or physical servers.
Documentation and Change Control
We manage all our infrastructure as code, allowing us to audit and peer review any changes, and to provide a secure and automated process for applying these changes.
All code is reviewed by a senior engineer with security best practice training before being deployed to production systems.
Automated Testing and Build Processes
We have an extensive set of automated testing procedures that are run for every code change.
Buildkite keeps up to date with software dependencies and has automated tools scanning for common security issues including Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and SQL Injection.
Development and QA Environments
These environments are separated physically from Buildkite's production environment. No customer data is ever used in development or QA environments.
We protect against brute force attacks with rate limiting technology. All sensitive data, such as passwords and API tokens, is filtered out of logs and exception trackers. User passwords are salted and one-way hashed before being stored in our database.
Buildkite performs regular penetration test audits with a contracted third party.
Employee Access to Data
Buildkite employees will only ever access customer data when it's required for support-related duties. When a customer contacts support, support staff may sign in to their account to help debug a problem with builds or check pipeline settings. When this happens, staff will do their best to respect customer privacy and only access the builds and settings required to diagnose and debug the issue.
Buildkite does not have access to customer source code, or artifacts customers host on third parties such as Amazon S3 or Google Cloud.
Data in Transit
All data transferred in and out of Buildkite is encrypted using hardened TLS. Buildkite is also protected by HTTP Strict Transport Security and is pre-loaded in major browsers. Additionally, data transferred to and from Buildkite's backend database is encrypted using TLS.
Buildkite is not subject to PCI obligations. All payment processing is outsourced to Pin Payments and Stripe.