Org Logo

CodeRabbit is an AI-powered code reviewer that delivers context-aware feedback on pull requests within minutes, reducing the time and effort needed for manual code reviews. It provides a fresh perspective and catches issues that are often missed, enhancing the overall review quality.

CodeRabbit Inc recognises that the confidentiality, integrity and availability of information and data created, maintained and hosted by us are vital to the success of the business and privacy of our partners.

As a product, we understand the importance in providing clear information about our security practices, tools, resources and responsibilities within CodeRabbit Inc so that our customers can feel confident in choosing us as a trusted provider.

This Security Posture highlights high-level details about our steps to identify and mitigate risks, implement best practices, and continuously develop ways to improve.

Compliances (4)

Compliance Logo

SOC 2

Compliant

Compliance Logo

GDPR

Compliant

Compliance Logo

ISO 27001

In progress

Compliance Logo

ISO 42001 v2023

In progress

Controls

Continuously monitored

Product security (1)

Situational Awareness For Incidents

Data security (5)

Termination of Employment

Encrypting Data At Rest

Data Backups

Network security (5)

Impact analysis

Limit Network Connections

Anomalous Behavior

App security (2)

Conspicuous Link To Privacy Notice

Regression Testing

Endpoint security (2)

Full Device or Container-based Encryption

Endpoint Security Validation

Corporate security (21)

Code of Business Conduct

Organizational Structure

Roles & Responsibilities

Resources (49)

Data Protection Policy

Data Protection Policy outlines the measures to safeguard personal information and comply with data protection laws, business requirements, local regulations, and contractual obligations.

Endpoint Security Policy

Endpoint Security Policy outlines measures to protect an organization's production systems and critical data from unauthorized access via information systems accessed by internal and external users.

Data Breach Notification Policy

Data Breach Notification Policy outlines procedures for promptly notifying individuals and authorities in the event of a data breach.

Subprocessors (18)

Subprocessor Logo

GCP

United States of America

IT infrastructure

Subprocessor Logo

Anthropic

United States of America

Artificial Intelligence

Subprocessor Logo

OpenAI

United States of America

Artificial Intelligence

Subprocessor Logo

Datadog

United States of America

IT infrastructure

Subprocessor Logo

LanceDB

United States of America

IT infrastructure

FAQ (7)

No, CodeRabbit does not store your code. Once a code review is completed, the cloned repository is discarded. During the entire review process, your code is fully isolated within a secure environment. No one, whether internal or external to CodeRabbit, has access to your code during the review. This ensures maximum security and privacy.
Yes, you can! With our Enterprise Self-Hosted option, CodeRabbit can be deployed directly on your company's data centers or cloud environments. This deployment guarantees that all interactions with CodeRabbit and your codebase stay within your organization's network, ensuring complete data sovereignty.

CodeRabbit connects with large language model (LLM) providers to enhance the quality of code reviews. We only send code diffs and contextual data to ensure better suggestions. All data sent is encrypted using Transport Layer Security (TLS). Importantly, proprietary code is never used to train these models. Queries made to LLMs are ephemeral and no data is logged or retained.

When a code review is initiated, CodeRabbit operates in a completely isolated environment. Once the review is posted, the entire environment is disposed of, ensuring that no traces of your code remain on our servers. This guarantees the complete confidentiality and integrity of your codebase throughout the review process.

Building trust, made easy by

Sprinto Logo

Create your own Trust Center