EN 中文
WeChat
Official Community

Modern Observability and Monitoring Platform

Get Started

Private Cloud Deployment Supported

Community Plan Deployment Plan

Code Hosting Platform

GitHub Gitee

Trust Center

Building “security by design” products to deliver reliable and trusted observability services for our customers.

Overview Security Privacy Compliance

Security

Guance prioritizes product quality and security above all else. We strictly adhere to national software security standards and requirements while proactively implementing robust security measures to mitigate threats such as DDoS attacks, hacking, malware, and unauthorized operations. From the moment you access our product, we are committed to safeguarding your security.

Learn More

Privacy

Guance respects and protects the privacy rights of all users. We are committed to handling this information with the utmost care and diligence, applying a level of protection no less than that used for our own confidential information.

Learn More

Compliance

Guance meets various industry compliance certifications, including Information Security Level Protection (Level 3), ISO9001, ISO27001, and ISO20000. We continuously monitor existing and emerging security and privacy standards to uphold our obligations in an ever-evolving regulatory landscape.

Learn More

Our Security Measures

Product Security

Guance prioritizes product quality and security, actively adhering to industry software security standards and requirements while cooperating with key industry regulators to conduct security self-assessments. By implementing automated vulnerability detection and robust security controls, Guance effectively minimizes security vulnerabilities, ensuring network and information security, and delivering a “secure by design” product for users.

Data Security

Guance places a strong emphasis on ensuring the availability, integrity, and confidentiality of data throughout its entire lifecycle. We apply comprehensive security practices across data collection, storage, usage, processing, and transmission, delivering effective and reliable data protection for users. Guance strictly adheres to the principles of “legitimacy, appropriateness, and necessity” and will not collect or disclose user data without explicit user consent. During data transmission and storage, we employ advanced encryption technologies to prevent data leakage. Users can stop data collection at any time and delete their data. Guance will never retain user data in any form or for any purpose without proper authorization.

Operational Security

Guance and its team members strictly adhere to product security governance rules, relevant policies, and protocols. Without user authorization, we do not access customer data and have no rights to view it. Additionally, through a series of role and permission management controls, Guance enforces a least-privileged approach to system resource management. All actions by team members are logged, ensuring that operational events are traceable and auditable, providing the highest level of commitment to product and usage security.

Our Privacy & Control

Privacy Data Management

Guance respects and protects the personal privacy rights of all users, committing to handle this information with the utmost care and diligence, no less than the level applied to protecting its own confidential information. Guance will not disclose or provide this information to third parties without user consent. In the event of a confidentiality breach, Guance will respond promptly, collaborate with the user, and take all reasonable measures to prevent or mitigate any potential damage.

Minor Privacy Protection

Guance places great importance on protecting the information of minors. Since Guance products/services are intended for businesses/adults, if you are under the age of 18 or lack full civil rights and capacity, you are not permitted to use Guance products/services and are not required to provide any personal information to us.

Certifications & Verifications

Advanced Observability Platform

可观测性平台先进级

可观测云平台先进级是由中国信通院和云计算开源产业联盟联合颁发的“可观测性平台技术能力”先进级证书,观测云在数据采集、数据处理、数据应用、平台运维共4个模块的全流程测评中,均满足可观测性平台先进级能力要求,获得可观测性平台先进级认证。

Trusted Cloud Enterprise SaaS Service Certification

可信云企业级SaaS服务认证

可信云评估是中国信息通信研究院下属的云计算服务和软件的评估品牌,是针对云计算服务和软件的专业评估体系,其核心目标是建立云服务商的评估体系,为用户选择安全、可信的云服务商提供支撑。观测云在企业、服务、技术、运维等各方面均获得可信云的认证要求,通过可信云企业级 SaaS 服务认证。

National Information Security Level Protection Level 3 Certification

国家信息安全等级保护三级认证

网络安全等级保护认证是中国权威的信息产品安全等级资格认证,由公安机关依据国家信息安全保护条例及相关制度规定,按照管理规范和技术标准,对各机构的信息系统安全等级保护状况进行认可及评定。观测云已通过等保三级备案,按照《信息系统安全等级保护基本要求》的内容,全面落实对安全技术和安全管理的要求。

ISO9001 Quality Management System Certification

ISO9001 质量管理体系认证证书

ISO 9001 是质量管理体系的标准,通过建立完善的质量管理体系,强化企业管理水平,持续改进产品,为客户提供符合法规要求的高质量产品和服务。

ISO27001 Information Security Management System Certification

ISO27001 信息安全管理体系认证证书

ISO/IEC 27001 是信息安全管理体系认证的国际标准,通过定期评估风险和对应的控制措施来有效保障组织信息安全管理体系的持续运行,实现信息的安全管理。

ISO20000 Information Security Management System Certification

ISO20000 信息安全管理体系认证证书

ISO20000 是信息技术服务管理(ITSM)领域的国际标准,通过建立标准的 IT 管理流程,持续提高 IT 服务的可用性、可靠性和安全性,为客户提供高质量的服务。

CMMI V2.0 DEV ML3

CMMI V2.0 DEV ML3

CMMI (Capability Maturity Model Integration) 即能力成熟度模型集成,其目标是帮助企业改进项目管理、软件研发等标准化流程,增强企业的开发和管理能力,提高企业的开发效率和软件质量。观测云通过标准化的研发和管理流程,为客户提供高质量的软件和服务。

SOC 2 Type II

SOC 2 Type II

服务组织控制报告(SOC 报告)作为独立的审计报告,涵盖观测云平台的安全性,可用性与保密性相关控制点。SOC 2审计报告,即System and Organization Controls 2 Report, 是由美国注册会计师协会(AICPA)指定、针对服务商内部控制情况进行审计而出具的第三方独立报告,具有高客观性、持续性和高认可度,是全球公认的数据安全审计标准,能为使用SaaS服务的用户提供重要的安全保证和参考。

High-tech Enterprise Certification

High-tech Enterprise Certification

Software Enterprise Recognition Certificate

Software Enterprise Recognition Certificate

System observability solution with more controllable risks

Get Started Contact Us