Knapsack Pro

What are your security practices? (Vendor Security Review / Due Diligence)

Here you can find all the information needed for your Vendor Security Review to ensure Knapsack Pro's security meets industry standards and best practices.

Terms and Conditions

Knapsack Pro's Terms and Conditions.

Personal Data

We, as your vendor, don't process your customer's data.

We are not a Processor, in terms of GDPR, of personal data (Data Subject) in relation to your organization (Controller).

See the details in the Privacy Policy.

Hosting and Database

Knapsack Pro is hosted on On you can find the following information:

  • Security Assessments and Compliance
  • Penetration Testing and Vulnerability Assessments
  • Network Security
  • Data Security

The database is hosted by Amazon Web Services in Ireland, Europe (eu-west-1). In particular, Knapsack Pro uses Amazon Relational Database Service (RDS).

All the connections with the Knapsack Pro API are protected with SSL.

PCI Compliant Payments

Knapsack Pro uses for encrypting and processing credit card payments. Thanks to Braintree, Knapsack Pro is PCI compliant.

Collected Data

Knapsack Pro client libraries collect a minimal amount of data about your project:

  • Branch name
  • Commit hash
  • Number of parallel CI nodes
  • CI node index
  • File paths of your tests (e.g., spec/models/user_spec.rb)
  • Tests execution time
  • Masked user data for users triggering your CI builds or making git commits (e.g. Jo** Sm*** <jo**.sm***@ex*****.co*> for John Smith <>)

Additionally, you can encrypt tests file paths and/or branch names on your CI node with a salt before they are sent to the Knapsack Pro API. In other words, only you can decrypt the tests file paths or branch names.

Knapsack Pro does not have access to your project source code/repository. Knapsack Pro Admins can see the data listed above if you need help with debugging, but are not able to decrypt your data without the salt.

Start using Knapsack Pro

Sign up and speed up your tests.