Trust Center
At NetApp, trust is more than a principle, it’s a promise. Whether you're a customer, prospect, or part of our sales team, this portal is your gateway to understanding how we protect data and uphold our security commitments.
Powered by SafeBase, this center provides real-time visibility into our security and compliance program. You’ll find up-to-date information on how we monitor, test, and continuously improve our controls, so you can speak confidently about our practices, make informed decisions, and trust that your data is in safe hands.
Documents
Self-Service Audit Evidence
Self-Service Audit Evidence
This section is reserved for customers conducting a self-service audit. Contact us to learn more or request access.
Salesloft Drift
Frequently Asked Questions:
- Does the company use the Salesloft Drift application in any capacity, or have it integrated with any application in support of your services?
- Yes, the Salesloft Drift Application was used as a third-party application for sales lead and contact management as noted in our advisory at this website: Trust Center Updates
- If yes, what applications / services?
- Salesloft Drift was used for sales lead and contact management.
- How do these applications / services interact with customer data or processes associated to providing services to customers?
- This application does not interact with the services or applications that provide services to customers.
- What data is stored within these applications? What is the data’s classification?
- Standard business contact details, such as: Names, business email address, phone numbers, regional or location preferences. Additional security information can be found here: Trust Center Updates
- Are there any API tokens associated with this service / application / appliance?
- Yes
- If yes, can these be rolled?
- Yes, and all credentials with Salesloft Drift were rotated.
- Are there any remote access (SSH keys, etc.) capabilities and can those be rotated?
- N/A
- Are there any OAuth Integrations with the company?
- Yes, other Salesloft OAuth integrations were rotated
- Are there any SSO integrations with the company?
- Both Drift and Salesloft had SSO integrations with NetApp. Administrative access was managed through CyberArk with passwords rotated for each login.
NetApp was notified about a security incident impacting Salesforce customers who use Salesloft Drift—a third-party application which NetApp uses for lead and contact management. During this incident, unauthorized individuals obtained Salesloft Drift customer credentials, including those associated with NetApp.
An internal investigation determined that these compromised credentials may have enabled unauthorized access to a limited set of NetApp data stored within the company’s Salesforce instance. The information potentially exposed is restricted to standard business contact details, such as:
- Names
- Business Email Addresses
- Phone Numbers
- Regional or Location References
Importantly, the investigation confirmed that any unauthorized activity was confined to Salesforce alone, with no evidence of breach or impact to NetApp products or other internal systems. Currently, there is no evidence of customer information misuse. NetApp is providing this information for your awareness and precaution.
We want to assure you that we take this issue extremely seriously and are actively monitoring the situation. Safeguarding your information is our highest priority, and we are working diligently to ensure the ongoing security of our systems and data.
NetApp remains committed to transparency and will continue to provide updates as more information becomes available at Trust Center Updates. For further questions or inquiries, please contact grc@netapp.com.
NetApp Global Security