Wowza has built a culture of security that protects customer and company data through a holistic set of controls, processes, and guidelines. As part of our commitment to delivering secure streaming services and ensuring customer confidentiality, we’ve outlined the security practices governing our infrastructure and day-to-day operations below. In adherence to these practices, we ask that any customer who identifies a vulnerability contact technical support immediately to streamline the mitigation process.
SOC 2 Type II Compliant
99.95% Uptime SLAs
Code Vulnerability Scans
Wowza uses automated tools to scan our source code for vulnerabilities as well as code dependencies. Wowza commits to remediating critical and high vulnerabilities prior to major releases.
Customer Security Capabilities
Wowza offers a full suite of content protection capabilities for customers to configure in deploying their streaming solutions. However, whether or not this is a priority is at their discretion.
Wowza’s Engineering team follows a Change Management Procedure to enforce segregation of duties and ensure that peer review is conducted on all code prior to pushing it to Wowza’s production environment.
Wowza maintains a formal Risk Register which is reviewed and updated on an ongoing basis to ensure Wowza is appropriately responding to or remediating any potential risks and vulnerabilities.
Two-Factor Authentication and Access Control
Internally, Wowza leverages two-factor authentication across access points to protect all access to infrastructure, source code, and cryptographic secrets. Wowza also enforces an industry standard password policy for access to company laptops and production environments.
Wowza is SOC 2 certified. This third-party audit report captures Wowza’s internal controls and safeguards to showcase how well those controls are operating. To request a copy of our SOC 2 report, please email firstname.lastname@example.org.
Continuous Monitoring and Incident Response
24/7 Support and Monitoring
Technical support is included with all active monthly subscriptions and maintenance and support contracts. Wowza also utilizes various tools to monitor for security events and system uptime.
Wowza System Status
When there is a service-impacting issue, the Wowza System Status page will provide clear and transparent communication to our customers.
Incident Response Plan
Wowza proactively tracks and addresses all incoming security events in accordance with our Incident Response Plan. Wowza’s Incident Response Team triages all incoming security events and is prepared to respond to potential security incidents on a 24/7 basis.
Wowza intentionally does not store customer data or gather personally identifiable information (PII) on our own servers.
Access to Wowza’s office location is restricted to authorized employees, contractors, and visitors using badge entry and entrances are monitored via video surveillance.
Wowza maintains a formal Business Continuity and Disaster Recovery plan and undergoes annual table-top tests to ensure Wowza’s leaders are prepared in the event of an outage or incident.
Announcing: SOC 2 Type 2 Certified
Wowza is now SOC 2 Type II certified with zero exceptions. Our customers can rest easy knowing that their data is safe with us, and that our solutions were developed with their success in mind.
Secure Video Streaming: Protecting Your Content
Wowza helps you secure your video content at every part of the workflow, from restricting playback to implementing studio-approved digital rights management (DRM).
Wowza System Status Page
We work to ensure we are delivering the best experience possible. When there is a service-impacting issue, this page will provide clear and transparent communication to our customers.