Security and privacy
at Gatling
At Gatling, we know performance means nothing without security. That’s why we build our platform with security, privacy, and transparency at its core. From infrastructure to product features, we apply best-in-class standards to protect your data and ensure your systems stay reliable under load.
Trusted by industry leaders
300.000+ organizations
From government agencies to fintech startups, organizations across 30+ industries rely on Gatling to validate mission-critical systems. Our platform supports some of the world’s most security-sensitive environments, including finance, healthcare, energy, and aerospace, where performance and compliance go hand in hand.
1 million+ users in 65+ countries
Gatling’s global community of developers, QA engineers, and performance specialists contributes to and benefits from a constantly improving ecosystem. Whether in Europe, the US, or Asia-Pacific, teams use Gatling to standardize testing practices, accelerate release cycles, and share knowledge worldwide.
30 million downloads since launch
Gatling has proven its reliability and scalability in real-world projects. This adoption reflects years of continuous innovation, active community support, and trust from enterprises that integrate Gatling at the heart of their DevOps and testing strategies.
Our commitment to security
Governance & leadership
Our executive team is directly accountable for information security. They establish policies, monitor compliance, and ensure continuous improvement of our controls.
Defense-in-depth
We implement layered security measures across infrastructure, processes, and people, ensuring multiple lines of defense protect your data.
Principle of least privilege
Access to systems and data is strictly limited to those with a verified business need.
Data protection
Encryption in transit
All traffic uses TLS 1.3 to protect data integrity and confidentiality.
Encryption at rest
All stored data is encrypted using AES-256 with AWS Key Management Service (KMS).
Secrets management
Gatling EnterpriseE Edition integrates with tools like AWS Secrets Manager to securely handle API keys and credentials.
Infrastructure security
Hosting
on AWS Europe (Paris Region) with isolated, multi-tenant VPC architecture.
High availability
through multi-AZ replication and automated failover.
AWS compliance
with certifications including ISO 27001, SOC 2, PCI DSS Level 1, and HDS.
DDoS protection
using AWS WAF at every edge location.
DDoS protection
using AWS WAF at every edge location.
Backups & recovery
Automated daily backups with cross-AZ replication.
Product & application security
Penetration testing
Regular audits by independent security experts.
Vulnerability scanning
Integrated into our secure development lifecycle (SDLC).
Endpoint protection
All corporate devices use hardened configurations, disk encryption, and anti-malware.
Identity & access management
Role-based access, SSO integration, and automatic deprovisioning on employee departure.
Secure remote access
Strong controls to protect internal systems and remote endpoints.
Compliance & privacy
Fully compliant
with GDPR and CNIL recommendations.
Data processed
in line with EU and UK privacy regulations.
Transparent policies
to safeguard your data and respect your rights.
Continuous monitoring
We use advanced logging and monitoring to detect anomalies, track audit trails, and respond quickly to potential threats.