Network Intelligence Starts with Trust

Our team's top priority is delivering you a reliable service
built on rigorous standards of information security and privacy.


Since inception, protecting the security and privacy of our data has been a top priority for ThousandEyes. Our customers trust us to collect and store information about performance of networks and applications they use. Depending on the deployment scenario and specific customer use cases, this could include information from the Internet that constitutes public domain knowledge and/or information from private enterprise networks. As such, we treat all data collected as highly sensitive and have implemented a security program to ensure its confidentiality, integrity, availability and privacy.

We start with a solid management foundation through adoption of the widely recognized and respected ISO/IEC 27001 standard for our information security management system. Our privacy management system is based on the Safe Harbor Framework, which was developed by the U.S. Department of Commerce in concert with the European Commission. Jointly these form a ThousandEyes Unified Security and Privacy Management Framework (USPMF) that is supported by strict policies, standards, technologies and processes. We continually improve our USPMF by implementing additional technical and organizational controls to ensure customer data is always protected with best current practices.
Unified Security and Privacy Management Framework (USPMF)


There are a number of laws and regulations that ThousandEyes and our employees comply with:
  • ISO/IEC 27001:2013
  • FTC regulations
  • U.S.-E.U. & U.S.-Swiss Safe Harbor frameworks
  • Bureau of Industry and Security U.S. Department of Commerce requirements
  • TRUSTe Privacy Program Requirements
  • All other relevant national and local legal, regulatory and contractual requirements

We have implemented a two step approach to compliance. First, we ensure that all external and internal requirements are embedded within our policies and supported by underlying standards, technologies and processes. Second, through internal risk assessments and audits, we regularly test to ensure that all security controls are implemented properly and operating effectively.

We use an independent third party to perform AT Section 101 attestation that produces a SOC2 Type II report for the Security principle. In addition, an independent third party performs a yearly enterprise risk assessment on our critical information resources.

ThousandEyes is a corporate member of Cloud Security Alliance, where we share information and collaborate with other industry leading companies in order to maintain the highest level of security best practices.


Efficient Vulnerability Management with Qualys
Identity Management for the Cloud Era, Part I: Challenges of User Access Management
Identity Management for the Cloud Era, Part II: AD FS Configuration
SAML-Based SSO with ThousandEyes and Okta
Shared Responsibilities for Security in the Cloud
ThousandEyes Privacy Management System

Security & Privacy