Security as Our Fabric: Ory Achieves ISO/IEC 27001:2022 Recertification

Ory has successfully achieved ISO/IEC 27001:2022 recertification, reinforcing its longstanding commitment to rigorous security controls as an integral part of its identity security framework. This accomplishment reflects Ory's dedication to a security-first culture, which has been maintained since the company first attained ISO 27001 certification three years ago. The recertification, verified through an independent assessment by BARR Certifications, highlights Ory's continuous improvement approach to security, particularly within the evolving landscape of Identity and Access Management (IAM) and the challenges posed by agentic AI. This certification not only strengthens Ory's infrastructure for protecting sensitive data but also offers its customers reduced compliance burdens, verified processes, and proactive risk management. Ory's security framework extends beyond a single certificate, incorporating open-source transparency, continuous monitoring with tools like Vanta, and comprehensive adherence to other frameworks such as SOC 2 Type 2 and PCI DSS, all accessible through the Ory Trust Center.