Partner with Getlabs to collect diagnostics at home. Learn More
Partner with Getlabs to reach and diagnose your patients faster. Learn More
At Getlabs, we always encrypt data both at rest and in transit for everything we do. We use tools like Google Cloud's Key Management Service to manage encryption keys for maximum security in line with industry best practices and ensure that all of our hardware is managed and securely encrypted.
Getlabs regularly reviews usage and access patterns across our entire organization. In addition, we use high-quality static analysis tooling to secure our product at every step of the development and deployment process.
We also regularly engage with some of the industry's best application security experts for third-party penetration testing, which includes evaluation of the source code, running application, and the deployed environment.
Getlabs uses Google Cloud Platform to host our applications, and we also make use of various GCP security products. We make use of Infrastructure as Code (IaC) to ensure that all infrastructure changes go through our full software development lifecycle (SDLC). This includes code review and end-to-end testing.
In addition, we deploy all our applications using containers on GCP-managed services. We avoid using bare metal or managing our own VMs whenever possible.
Data security is a top priority for Getlabs, and we believe that working with skilled security researchers can identify weaknesses in our technologies and applications. Although we do not manage a bug bounty program, if you believe you've found a security vulnerability in any Getlabs product or service, you can notify us at security@getlabs.com. We will acknowledge your email within 3 business days and we will work with you to resolve the issues as quickly as possible.
Please provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or to a third party. We aim to resolve critical issues within 5 business days of disclosure.
Make a good-faith effort to avoid violating privacy, destroying data, or interrupting or degrading any of our services. We ask that you only interact with accounts you own or for which you have explicit permission from the account holder.
While researching, please refrain from Denial-of-Service (DoS) attacks, spamming, social engineering, phishing Getlabs employees or contractors, and attacking Getlabs' physical property.
Getlabs is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us at security@getlabs.com.
