Information about conducting security due-diligence on 6clicks and frequently asked questions
Where can I find information about 6clicks hosting, policies, processes and controls in relation to information security?
1. Refer to the following KB articles:
- 6clicks Trust webpage
- 6clicks' approach to security and data privacy
- 6clicks Cloud Infrastructure and Data Hosting
2. Check out our results on the following public services:
- Qualys SSL Labs - A rating
- Probely Security Headers - A rating
- SecurityScorecard - A rating
- MX Toolbox - Valid DMARC record
3. Please contact your sales account executive to request more information about the 6clicks cyber and information security program. Your sales account executive can arrange access to the 6clicks Trust Portal where additional information is viewable and/or access to the 6clicks security team and CISO.
6clicks performs comprehensive independent external audits of its security program to minimise the need for customer-by-customer audits.
If you have security due diligence needs above and beyond what is available via the 6clicks Trust Portal, then please contact your sales account executive.
What is our penetration testing process?
6clicks conducts independent penetration testing regularly and shares a summary of the results with customers as requested and approved via the 6clicks Trust Portal.
To avoid disruption, 6clicks does not authorize customer-initiated penetration testing which would be in breach of the terms of service.
Any general product defects can be reported to the development team by submitting a Support Ticket via the 6clicks Knowledgebase.
Any security weaknesses and vulnerabilities can be sent directly to the security team (optionally encrypted using PGP) as published in our security.txt file.
6clicks welcomes any feedback from customers on their requirements and our processes and we will consider updates at our sole discretion.