We monitor the security of our products and applications through various ongoing activities, including logs.
Incident response and vulnerability management
FAQs
Does Insomnia have any compliance certifications?
Yes. Insomnia is included in Kong’s annual SOC 2 Type II audit and holds a CSA STAR Level 1 certification. Reports are available on the Kong Trust Center.
Where do I download the Software Bill of Materials (SBOM) for Insomnia?
From the Insomnia GitHub Releases page, download the sbom.spdx.json and sbom.cyclonedx.json SBOM files.
Do you have any penetration test results from external parties?
Yes. Insomnia undergoes annual penetration testing by Cobalt. Reports are available on the Kong Trust Center.
How often do you release major updates and/or security patches?
We regularly update the Insomnia desktop application. Security and hotfix patches are handled on a case-by-case basis and can occur at any time.
Do you maintain documentation when an incident/event occurs?
When an incident occurs, we perform an internal post-mortem and disseminate information accordingly, either through the site in the form of a blog post, or through social media/support on a case-by-case basis.
In case of a security breach, do you notify customers?
Yes, via email.