Wowza Corporate Security Measures

Wowza has built a culture of security that protects customer and company data through a holistic set of controls, processes, and guidelines. As part of our commitment to delivering secure streaming services and ensuring customer confidentiality, we’ve outlined the security practices governing our infrastructure and day-to-day operations below. In adherence to these practices, we ask that any customer who identifies a vulnerability contact technical support immediately to streamline the mitigation process.

Product Security

Security Testing and Code Quality Assessments

Wowza uses automated tools to scan our source code for vulnerabilities as well as code errors, which we then remediate in the next release.

Penetration Testing

Wowza regularly performs third-party penetrations tests to identify vulnerabilities for resolution.

Monthly Security Burn Down Day

Wowza’s Engineering team participates in a once-monthly security-focused day to keep security top of mind and prioritize continuous improvement.

Two-Factor Authentication

The Wowza Streaming Cloud service leverages two-factor authentication across all access points to protect all access to infrastructure, source code, and cryptographic secrets.

Customer Security Capabilities

Wowza offers a full suite of content protection capabilities for customers to configure in deploying their streaming solutions, however, whether or not this is a priority is at their discretion.

live streaming software for apps

Continuous Monitoring and Incident Response

24/7 Support and Monitoring

Technical support is included with all active monthly subscriptions and maintenance and support contracts.

Wowza System Status

When there is a service-impacting issue, the Wowza System Status page will provide clear and transparent communication to our customers.

Incident Response Plan

Wowza proactively tracks and addresses all incoming security requests in accordance with our incident response plan. Specifically, Wowza’s 24/7 on-call team of engineers triages all incoming security items, updates the NIST database of Common Vulnerabilities and Exposures (CVEs), and documents vulnerabilities and fixes in product release notes.

Uninterrupted Real-Time Monitoring

Infrastructure Security

Wowza intentionally does not store customer data or gather personally identifiable information (PII) on our own servers.

Uninterrupted Real-Time Monitoring

Physical Security

Access to Wowza’s office location is restricted to authorized employees, contractors, and visitors using badge entry and entrances are monitored via video surveillance.

Business Continuity

Business Continuity

Wowza maintains a formal Business Continuity and Disaster Recovery plan.