Enterprise-level Security

Trust Scaled Agile, Inc. to meet your security and data compliance requirements

Our comprehensive approach to security covers governance, risk management, and compliance for infrastructure, applications, and data. This includes encryption at rest, logical segregation and privacy, SSLv3/TLS encryption, multi-factor authentication, secure data backups and storage, administrative access control, security testing, and session monitoring and logging.

Our Security Standards

About Scaled Agile > Enterprise-Level Security – Enterprise Agility

Infrastructure Security

The SAFe® Studio leverages best-in-class service providers to ensure your data remains private, available, and secure. Our primary providers, Salesforce and Amazon Web Services (AWS), maintain a comprehensive set of compliance certifications, such as SOC2 and SOC3.


All connections to SAFe Studio require Secure Socket Layer (SSLv3/TLS) encryption, thereby ensuring that your data is safe, secure, and available only to registered users in your organization. As an added security measure, the contents of distributed SAFe events on the platform are encrypted at rest.

Session Monitoring and Logging

Scaled Agile issues a session ID in a “cookie”, as an additional security measure. All unsuccessful logins and other system interactions are logged.

Administrative Access Control

Scaled Agile provides each user in your organization with a unique username and password that must be entered each time a user logs in. Only a customer-designated administrator has the authority to manage login accounts under the customer’s subscription.

Third-party Vulnerability Analysis

We have third-party security analysis firms perform periodic vulnerability threat assessments of our applications, to ensure consistently secure performance.

Data Security and Backups

Data Protection

Our security model follows identity and access management best practices to ensure complete logical segregation and privacy of customer data.

All employees and contractors complete initial and ongoing security and privacy awareness training to help minimize the risk of security incidents and data breaches. Scaled Agile maintains formal procedures for incident response and disaster recovery so that our organization is well prepared to address potential security incidents and ensure business continuity.

Multi-factor Authentication

We require MFA for system access for employees and contractors and adhere to strong password policies.

Data Integrity and Storage

Data backups occur nightly and stored in a secure SaaS backup provider and are stored in a rolling seven-day repository.

Privileged Access Management

To minimize the risk of data exposure, Scaled Agile adheres to the principle of least privilege: workers are only authorized to access data that they reasonably must handle in order to fulfill their current job responsibilities.

Our Commitment to Security and Privacy

Learn how we collect and use data at Scaled Agile by viewing our Privacy Notice and Policy.

SAFe Enterprise

SAFe Enterprise is a system of knowledge, tools, and practices essential to successfully scale agile across the enterprise. SAFe Enterprise bundles the critical components of learning, adapting, and practicing SAFe into a single platform, accessible to leaders and teams anytime, anywhere. With SAFe Enterprise organizations now have the tools they need to start an agile transformation, put SAFe to work every day and make the transformation stick.

Back to: About Scaled Agile

For over a decade, the Scaled Agile Framework® (SAFe®) has been the world’s leading framework for business agility. Today, SAFe is in its fifth iteration and has been adopted by more than 20,000 enterprises across the globe. 

Next to: SAFe Enterprise

SAFe Enterprise bundles the critical components Scale Agile adoption, improve collaboration, measure progress, and engage employees with day-to-day agility.