Drata Not Impacted by Axios npm Supply Chain Attack

On March 30, 2026, Drata became aware of the Axios npm supply chain attack security incident.

Threat intelligence sources have reported that this incident introduced a malicious dependency into specific npm releases of the widely used HTTP client Axios: axios@1.14.1 and axios@0.30.4.

- Recommended: Supply Chain Attack on Axios Pulls Malicious Dependency from npm, Socket Research Team
- Recommended: Hidden Blast Radius of the Axios Compromise, Socket Research Team

We want our customers to know that Drata is not impacted by this threat.


We do not leverage the affected versions of this software (axios@1.14.1 or axios@0.30.4) within our product and therefore the confidentiality, integrity, and availability of our systems remain unharmed.
