Yes. Canary Mail has undergone an independent white box cybersecurity audit conducted by a European cybersecurity firm, reviewing encryption handling, sensitive data protections, and server-enabled features including push notifications and cross-device sync.
What the audit covered
- Encryption handling, including key storage and cryptographic implementation
- Local database security and data at rest protections
- Encryption library review and related security controls
- Server-enabled features, including push notifications and cross-device sync (Cloud Sync)
You can learn more about Canary Mail’s overall security architecture on our security page.
Outcome
All recommendations identified during the audit have been implemented.
For organizations undergoing procurement or vendor risk review, Canary Mail can provide confirmation of audit completion and scope. Detailed findings may be restricted due to confidentiality obligations with the auditor.
Request an independent audit
If your organization would like to arrange an independent audit prior to enterprise deployment of Canary Mail, contact us at:
Note: A minimum purchase of 100 licenses is required, and all applicable audit-related expenses must be borne by your organization.
Related resources
- Canary Mail Security Overview
- Why Canary Mail offers push notifications
- How secure is Cloud Sync in Canary Mail
- Privacy standards overview
FAQ
Can I see the audit report?
Canary Mail can provide confirmation of audit completion and scope. Detailed findings may be restricted due to confidentiality obligations with the auditor.
Did the audit include push notifications and cross-device sync?
Yes. The audit scope included server-enabled features such as push notifications and cross-device sync (Cloud Sync), in addition to encryption handling.
Can my organization request a new independent audit?
Yes. Contact Canary Mail at hello@canarymail.io to discuss an independent audit for enterprise deployment. A minimum purchase and applicable audit expenses apply.