Trust Center

Start your security review

View & download sensitive information

Trust Center Updates

Update to Subprocessor List - 012126

Copy link

Subprocessors

Update (21 January 2026): We have updated our Subprocessor List. Please visit the Legal section below for details.

Update to Subprocessor List - 011626

Copy link

Subprocessors

Update (16 January 2026): We have updated our Subprocessor List. Please visit the Legal section below for details.

Critical n8n Vulnerability (CVE-2026-21858)

Copy link

Vulnerabilities

AlphaSense is aware of a maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over susceptible instances.

Based on the information currently available from n8n, we can confirm that AlphaSense does not use this and is not affected by this incident.

We will post updates here as n8n completes their investigation and shares further findings.

Update to Subprocessor List - 122025

Copy link

Subprocessors

Update (20 December 2025): We have updated our Subprocessor List. Please visit the Legal section below for details.

Update to Subprocessor List - 121725

Copy link

Subprocessors

Update (17 December 2025): We have updated our Subprocessor List. Please visit the Legal section below for details.

Overview

Welcome to AlphaSense's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.

Compliance

ISO/IEC 27001:2022

SOC 2

SOC 2 Type 2

AlphaSense is reviewed and trusted by

Microsoft

Goldman Sachs

JP Morgan Asset Management

Google

Documents

POLICIESAcceptable Use Policy

POLICIESAccess Control Policy

AIAI Governance

APP SECURITYApplication Penetration Testing

POLICIESAsset Management Policy

POLICIESBackup and Restore Policy

POLICIESBusiness Continuity/Disaster Recovery (BC/DR) Policy

BC/DRBusiness Continuity Plan (BCP)

POLICIESChange Control Policy

LEGALCyber Insurance

POLICIESData Classification Policy

POLICIESData Protection Policy

Access Control

Access is tightly monitored and controlled at our company. We are happy to provide more details about our access control practices upon request.

AI

AI Governance

App Security

Responsible Disclosure

Application Penetration Testing

Software Development Lifecycle

Asset Management

We have strict asset management policies in place to ensure that all assets are accounted for and secure.

BC/DR

Business Continuity Plan (BCP)

Change Management

We have a change and configuration management process in place to ensure that changes are properly reviewed and approved.

Continuous Monitoring

Security Information & Event Management (SIEM)

Corporate Security

Incident Response

Data Privacy

Privacy of customer data is top of mind. We follow industry best practices and follow all applicable privacy regulations.

Data Security

Sensitive Data Management

Endpoint Security

We follow industry best practices for endpoint security. We are happy to provide more details about our endpoint security practices upon request.

Incident Response

Incident Reporting Process

Infrastructure

We take great care to work with best-in-class infrastructure providers that provide secure computing and storage. We are happy to provide more details about our infrastructure upon request.