Trust Center
Security is built into our bones
Delinea’s Privileged Access Management solutions are built with security as a foundation from the start. We adhere to industry standards and frameworks, and ensure security testing is performed as a critical component of our software development processes along with continuous Quality Assurance (QA) checks.
Our cybersecurity defense measures address key components, including intrusion detection, Distributed denial-of-service (DDoS) attack prevention, penetration testing, behavioral analytics, anomaly detection, machine learning, and Security Operations Center. We also monitor and protect against critical web application security risks incorporating OWASP Top 10 and Automated Top 20 threats.
Encryption assured for data in transit and at rest
Customer data is fully isolated and encrypted both in transit and at rest, using the AES-256 standard encryption algorithm and PBKDF2-HMAC-SHA256 hashing algorithm. Delinea uses private encryption keys for each customer, with third-party key management support (AWS KMS). Secrets are systematically “salted” before being hashed and encrypted with their own unique Initialization Vector and Key.
Connections to Delinea cloud services are protected via Transport Layer Security (TLS). Distributed Engine communications are also secured with an additional encryption key unique to each tenant.
Documents
Delinea Platform achieves PCI-DSS compliance
Delinea Platform has achieved PCI DSS 4.0.1 compliance, ensuring adherence to industry-recognized security requirements for payment data. Supporting documentation can be found by clicking on PCI-DSS in the Compliance section.
Assessment of recently-announced Critical Vulnerabilities in React and Next.js (CVE-2025-55182 and CVE-2025-66478)
Delinea has reviewed the recently announced React and Next.js critical vulnerabilities (CVE-2025-55182 and CVE-2025-66478) and has determined that Delinea products are not impacted. Delinea will continue to monitor and assess the vulnerabilities as new updates become available and will provide further communications if our disposition changes.
Gainsight Security Notification
Delinea has reviewed the recently announced Gainsight compromise and has confirmed that Delinea has not been impacted. Delinea will continue to monitor and assess this vulnerability as new updates become available and will provide further communications if our disposition changes.
If you have questions, please contact your Customer Success Manager, Engagement Manager, or Partner Manager. Please subscribe to the Delinea Trust Center for future security and other important announcements.
BRICKSTORM Malware Notification
Delinea is aware of recent reports concerning the BRICKSTORM malware strain being used to steal privileged credentials to gain access to sensitive systems such as Delinea Secret Server and move laterally to additional systems. To be clear, this is not a vulnerability in Delinea products. Threat actors are constantly evolving their tactics, which is why we continuously monitor the landscape and update our defenses to help protect our customers. We also encourage all organizations to remain vigilant and follow security best practices, as layered defenses are critical in today's environment.
If you have questions, please contact your Customer Success Manager, Engagement Manager, or Partner Manager. Please subscribe to the Delinea Trust Center for future security and other important announcements.
NPM Supply Chain Vulnerabilities Assessment
Delinea has reviewed the recently-disclosed NPM supply-chain vulnerabilities (disclosure by Aikido on September 8, 2025 and the disclosure associated with the Shai‑Hulud attack on September 16, 2025), and has determined that Delinea products are not impacted. Delinea will continue to monitor for further disclosures and for the latest available threat intelligence relating to NPM supply chain attacks, and will provide an update if our assessment changes.
If you have questions, please contact your Customer Success Manager, Engagement Manager, or Partner Manager. Please subscribe to the Delinea Trust Center for future security and other important announcements.