Security you can trust. Transparency you deserve.
Your data is the foundation of everything. We protect it like it's our own, with enterprise-grade security built in and always top of mind.

Built secure from the start
Security isn't a checkbox we tick before shipping. It's woven into every line of code, every release, every review.
Continuous vulnerability management assesses threats
Independent penetration testing is conducted annually
All new features are reviewed for security impact
Mandatory code reviews are conducted
Dev and testing environments are fully isolated from production
Infrastructure is managed via Terraform — every change is reviewed
Resilient by design
Our platform is built for reliability. Disco is hosted on Amazon Web Services (AWS). Amazon provides an extensive list of compliance and regulatory assurances, including SOC 1-3 and ISO 27001. See Amazon's compliance and security documents for more detailed information.
Systems are hosted across two AWS availability zones for high availability.
Databases are configured for hot-failover with a standby replica always ready.
Auto-scaling ensures the platform stays fast during traffic spikes.
Your data is encrypted. Always.
We apply enterprise-grade encryption to everything, in transit and at rest. Your members' data is never exposed.
Every connection is encrypted in transit with TLS 1.2 at minimum
All customer data is encrypted at rest using AES-256 encryption
AWS Key Management Service (KMS) manages all encryption keys
A+ grade maintained on Qualys SSL Labs — independently verified
GDPR & SOC 2 Type I certified
Sign in your way, securely
From enterprise SSO to social sign-on, Disco gives every organization the access controls that fit their security requirements.
SAML SSO: Enterprise
Google Sign-On: All Plans
Apple Sign-On: All Plans
Get our policies
We believe trust is built on transparency. Read any of our policies below.
Common security questions
Yes. Disco has successfully completed a SOC 2 Type I audit. This means an independent auditor has verified that our security controls are properly designed to protect your data. We're continuing our journey toward SOC 2 Type II.
Yes. Disco is fully GDPR compliant. We support data subject rights including access, deletion, and portability. We also offer a Data Processing Agreement (DPA) for customers who require it. Visit our Privacy Policy for full details, or reach out to discuss your specific requirements.
All data in transit is protected using TLS 1.2 or higher. All data at rest is encrypted using AES-256 encryption. Encryption keys are managed through AWS Key Management Service (KMS). Our SSL configuration independently earns an A+ rating on Qualys SSL Labs.
Disco's infrastructure is hosted on Amazon Web Services (AWS) across two availability zones, ensuring high availability and resilience. Our databases are configured for hot-failover, meaning there's always a replica ready if anything goes wrong. If you have specific data residency requirements, please contact our team.
Yes. Enterprise customers can configure SAML SSO, bringing their own identity provider and security requirements. All customers can use Google and Apple social sign-on. SSO configuration is available on Enterprise plans — reach out to your account team to get set up.
We run a continuous vulnerability management process that assesses threats both externally and from third-party libraries. We also conduct annual penetration testing with independent security researchers.
Absolutely. We can share our SOC 2 report, security overview, and other documentation under an NDA. Available on request from our team.
Yes. All employees with access to customer data undergo background checks as part of our hiring process. Access to production systems is granted on a least-privilege basis and reviewed regularly.
