Security at DebugBear
At DebugBear we are committed to keeping customer data secure.
What is DebugBear?
DebugBear monitors the loading speed of your website.
DebugBear Synthetics
For synthetic (or lab-based) monitoring you simply enter a website URL you want to monitor and we run regular tests opening the website from our severs.
DebugBear RUM
With DebugBear RUM you install an analytics snippet on your website to monitor real user experiences.
What data does DebugBear have access to?
DebugBear Synthetics
In most cases we do not have any special permissions to access your IT infrastructure. We do not collect data on your website visitors and only run site speed tests on your public-facing website.
In some cases you may grant additional access rights to DebugBear. For example, you disable bot blocking from IP addresses used by the DebugBear test servers. Or you monitor staging servers that are protected using HTTP Basic Authentication.
When integrating DebugBear into your Continuous Integration (CI) process we will usually have access to commit messages in your version control system.
DebugBear RUM
DebugBear RUM collects data on how visitors experience your website. Learn more about what data we collect.
DebugBear Team access
As part of providing the service to you we will process user account data for your team members.
Infrastructure and physical access controls
DebugBear uses reputable third-party providers to host its production infrastructure. We rely on these third parties to manage the physical access controls to the data center facilities that they manage.
We primarily use Google Cloud to deliver our service.
Within our infrastructure the permissions of individual services are restricted to increase security.
System access controls
Whenever possible we use two-factor authentication to secure accounts that store user data. We use password managers to prevent duplicate passwords.
Devices used at DebugBear use encryption to keep data secure if a device is lost.
Data access controls
Your DebugBear data is not accessible externally unless you have shared it with another user or made it available publicly.
Within DebugBear, only specific employees and contractors are granted access to customer data.
Transmission controls
Our website is only accessible over HTTPS and we also use encryption when communicating with third-party services. This ensures data cannot be read or modified without authorization.
Data deletion and backups
To protect against accidental data loss, DebugBear schedules "soft" deletions in advance before fully removing the data.
DebugBear also uses backups to be able to restore data following a data loss.
Passwords
User account passwords are stored cryptographically hashed and salted.
Credit card details
DebugBear never has direct access to your credit card details. Credit card information is handled exclusively by Chargebee and Stripe.
Slack app
Our Slack integration only has access write access to the channel you specify. It does not have read access to your Slack workspace.
You are using an old browser that is not supported anymore. You can continue using the site, but some things might not work as expected.