Meet YOLO26: next-gen vision AI.

Link to this sectionUltralytics Security & Compliance Team#

Link to this sectionOur Mission#

Mission

We are your partners in maintaining the highest standards of security and compliance. We protect Ultralytics' technology, data, and reputation by implementing robust security frameworks and ensuring adherence to ISO 27001, SOC 2, and other regulatory standards — enabling secure innovation while maintaining customer trust across all business operations.

Link to this sectionSecurity & Compliance Responsibilities#

Information Security Management
  • ISMS implementation and maintenance (ISO 27001 aligned)
  • Security risk assessments and management
  • Incident response and breach management
  • Security awareness training and education
  • Vulnerability management and remediation
Compliance & Audit Management
  • SOC 2 Type I and Type II compliance
  • Regulatory compliance assessments
  • Third-party audit coordination
  • Compliance monitoring and reporting
  • Gap analysis and remediation planning
Security Architecture & Controls
  • Security control design and implementation
  • Access management and identity governance
  • Endpoint protection and device management
Vendor & Third-Party Risk
  • Security vendor assessments
  • Due diligence and risk evaluations
  • Contract security requirements
  • Ongoing vendor monitoring
Business Continuity & Recovery
  • Business continuity planning
  • Disaster recovery procedures
  • Recovery testing and validation
  • Backup and restoration strategies

Link to this sectionContact Information#

Need Help?
Contact TypeDetails
Security Compliance EngineersKristian Sommer, Zuzana Kontrikova
Emailsecurity@ultralytics.com
Slack#compliance (internal team members only)

Link to this sectionSlack Guidelines#

Use the #compliance channel for:

  • Security incidents or emergencies: Tag @compliance-team for urgent issues — response within 1 hour
  • Compliance questions and policy clarifications: Get guidance on compliance and security-related topics
  • Customer security questionnaires and reviews: Submit for team review and completion

Link to this sectionExternal Security Documentation#

Trust Center

trust.ultralytics.com is our centralized repository for all security policies, compliance certifications, and audit documentation.

Link to this sectionCore Security Policies#

  • Information Security Policy
  • Information Security & Privacy Risk Assessment and Treatment Policy
  • Secure Development Policy
  • Third-Party Management Policy
  • Business Continuity and Disaster Recovery Policy

Link to this sectionCompliance Attestations#

DocumentStatus
SOC 2 ReportPlanned Q1 2026
ISO 27001 CertificatePlanned Q1 2026
Statement of ApplicabilityAvailable in Trust Center

Link to this sectionEmployee Resources#

Link to this sectionMandatory Annual Training Programs#

Training ModuleAudiencePlatform
CCPA (California Consumer Privacy Act)All employeesVanta
GDPR (General Data Protection Regulation)All employeesVanta
General Security Awareness TrainingAll employeesVanta
Secure Code TrainingYOLO & Platform teams onlyVanta

Link to this sectionEmployee Policies & Guidelines#

Link to this sectionSecurity & Training Tools#

  • Vanta: Delivers mandatory training programs and employee-applicable policies
  • Rippling: Manages and secures all company devices

Link to this sectionCompliance Calendar & Audits#

ActivityTarget
ISO 27001 & SOC 2 Type I auditQ1 2026
ISO 27001 surveillance & SOC 2 Type II auditQ1 2027
Annual compliance metrics reviewAnnually
Annual risk assessmentsAnnually
Policy reviewsAnnually
Continuous security monitoringOngoing
Annual information security auditsAnnually
Contributors
GLglenn-jocher2ZKzkontri1