Security Notice

Security is a non-negotiable priority lying at the heart of Outsight, and we firmly believe it is crucial to ensuring an unwavering trust bond with our valued customers and partners.

Policies & controls

Outsight’s Security teams establish policies and controls, monitor compliance with those controls allowing the company to obtain the most prestigious cybersecurity certifications.

Our policies are based on the following foundational principles:

  1. Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege.
  2. Security controls should be implemented and layered according to the principle of defense-in-depth.
  3. Security controls should be applied consistently across all areas of the enterprise.
  4. The implementation of controls should be iterative, continuously maturing across the dimensions of improved effectiveness, increased auditability, and decreased friction.

Outsight is regularly audited and maintains compliancy with ISO 27001, SOC2 Type II, and TISAX information security requirements.

Real-time treatment, no storage

Outsight’s core perception product only uses 3D data for real-time treatment.

Therefore, the customer data is not stored, Shift Perception acts as a streamer of actionable information based on raw 3D data coming from the LiDARs.

Best-in-class software development

Outsight follows a software development workflow with high expectations regarding security concerns.

From development to integration, the software development team follows strict rules to guarantee the best security level for our customers:

  • Static analysis testing of code during development and on an ongoing basis.
  • Software composition analysis to identify known vulnerabilities in our software supply chain.
  • Dynamic analysis of running applications.
  • Security patching based on latest CVE updates.

Enterprise security

Outsight believes in employee education regarding security concerns.

Outsight provides comprehensive security training to all employees upon onboarding and annually through educational modules on various dedicated platforms like Riot, Vanta, etc.

In addition, Outsight performs regular fake attacks or phishing campaigns as trainings and to ensure the right actions if such an event happens.

Identity & access management

With great power comes great responsibility. Outsight relies on trusted 3rd-party vendors to manage identity & access management.

Employees are granted access to applications based on their role, and automatically deprovisioned upon termination of their employment. Further access must be approved according to the policies set for each application.