ControlK

Overview

Lucidworks maintains a comprehensive cybersecurity program designed to protect the confidentiality, integrity, availability, and privacy of our systems as well as the data we handle. Our security framework is built on industry-leading practices and risk management principles to ensure that every component of our technology and operations is guarded against potential threats.

To describe key aspects of our security posture, we have chosen to highlight the specific controls and measures we emphasize when engaging with our own third-party service providers. We invite you to use this Trust Center to learn about our security posture and request access to relevant security documentation.

Compliance

SOC 2 Type 2 Logo
SOC 2 Type 2
ISO/IEC 27001:2022 Logo
ISO/IEC 27001:2022
ISO/IEC 27001 SoA Logo
ISO/IEC 27001 SoA
CISA: Secure-by-Design Pledge Logo
CISA: Secure-by-Design Pledge
EU-US DPF Logo
EU-US DPF
Swiss-US DPF Logo
Swiss-US DPF
UK Extension to EU-US DPF Logo
UK Extension to EU-US DPF
CSA STAR Logo
CSA STAR
CCPA Logo
CCPA
GDPR Logo
GDPR

Documents

COMPLIANCESOC 2 Type 2
COMPLIANCEISO/IEC 27001:2022
COMPLIANCEISO/IEC 27001 SoA
REPORTSPen Test Report - Managed Fusion
REPORTSVulnerability Assessment Report
REPORTSSecurity Whitepaper
AILucidworks AI Security FAQs
POLICIESAcceptable Use Policy
POLICIESAccess Control Policy
POLICIESAsset Management Policy
POLICIESBusiness Continuity/Disaster Recovery (BC/DR) Policy
POLICIESChange Management Policy

Policies

Acceptable Use Policy
Access Control Policy
Asset Management Policy
View more

Reports

Pen Test Report - Managed Fusion
Pen Test Report - Lucidworks Platform
Vulnerability Assessment Report
View more

Legal

Privacy Policy
Subprocessors
Data Processing Agreement
View more

Self-Assessments

CAIQ
VSA Core

Security Grades

BitSight
BitSight Security Rating
770
CIS Score
CIS Safeguard
5

Risk Profile

Data Access LevelRestricted
Impact LevelSubstantial
Recovery Time Objective24 hours
View more

BC/DR

Business Continuity Plan (BCP)
Disaster Recovery Plan (DRP)
Business Continuity Exercise
View more

ESG

Anti Modern Slavery Statement
Environmental Policy

AI

Lucidworks AI Security FAQs
AI Governance

Data Privacy

Data Breach Notifications
Privacy Impact Assessment (PIA)

Data Security

Access Monitoring
Data Classification
Data Location
View more

Training

Security Awareness Training
Role-Based Training
Phishing Campaigns

Lucidworks delivers search and discovery experiences for global industry leaders, including:

Highmark-company-logoHighmark
Avery Dennison-company-logoAvery Dennison
Cisco-company-logoCisco
Morgan Stanley-company-logoMorgan Stanley
Red Hat-company-logoRed Hat
Lenovo United States-company-logoLenovo United States
Lucidworks Trust Center Updates

Penetration Testing

Copy link
General

Lucidworks has completed its annual penetration test for the Lucidworks Platform, including the SaaS Platform, Lucidworks AI, Commerce Studio, Analytics Studio, Agent Studio, and Signals Beacon. The test was performed by Trusted Sec who identified zero (0) Critical-Severity findings, zero (0) High-Severity findings, zero (0) Medium-Severity findings, and three (3) Low-Severity findings during the course of the engagement. For additional details, refer to the Lucidworks Platform Application Assessment Exec Summary Report in the Reports section above.

Compliance

Copy link
Compliance

Our ISO/IEC 27001:2022 certification testifies to Lucidworks' ongoing commitment to upholding the highest information security management standards and validates our systematic approach to safeguarding sensitive information.

The 2025 Lucidworks ISO 27001:2022 report and certificate, which were issued by Sensiba with zero nonconformities and OFIs, are now available for download.

We are pleased to announce that Lucidworks has successfully completed a SOC 2 Type 2 audit, performed by Sensiba LLP, for the period May 2, 2024, to May 1, 2025. The report is relevant to the Trust Services Criteria of Security, Availability, and Confidentiality and is in scope for the Lucidworks Platform, including Lucidworks Search (previously Managed Fusion), Fusion, Lucidworks AI, and Lucidworks Studios. The report was issued with an unqualified, favorable opinion from the auditors. The new SOC 2 Type 2 report is now available for download.