Security at WOO!

WOO! Security Team’s mission is to build the best security organisation in the world, ensuring our members have a secure place to spark new connections and attend events all over Because you entrust WOO! with your information, the security of our application and the privacy of your data is a top priority. Ensuring we maintain a robust, transparent and accountable security programme is core to our commitment to you.

Internal WOO! security practices

The security programme at WOO! protects our organisation and your data at every turn, utilising a combination of industry-leading security infrastructure, responsible data practices and security best practices to stay ahead of the evolving number of threats facing all internet services and infrastructure. Our security programme focuses on the following areas:

Internal Information Security Programme: we strive to increase security and reduce risk within our digital environment. We proactively build secure access protocols and network architecture to enable systematic control of internal access to WOO!'s facilities, systems and resources, using the least privilege paradigm. WOO! enforces the use of two-factor authentication (2FA) internally.

Application/infrastructure security: security is engineered and integrated at all levels of our development lifecycle to help enable the creation of better, safer products, and to ensure secure design and engineering principles. Our applications and systems, including new features, code and configuration changes pass through security design reviews and assessments by our internal teams. Additionally, many of these applications and systems undergo routine independent and rigorous pen tests by reputable third-party security experts.

Governance, risk and compliance: at WOO! security awareness begins on day one and it is a continuous process thereafter. All employees undergo security and privacy training annually. Security is everyone’s responsibility at WOO!. We have implemented and enforced physical, operational and technical processes and controls, as well as security policies and procedures to secure our systems and member data. We perform extensive security risk assessments of our system and our third-party vendors regularly to ensure a secure posture.

Offensive security: our internal Team identifies previously unknown security vulnerabilities in existing systems and workflows through offensive security testing. This group simulates real-world attacks on all areas of the company and prioritises up-leveling security posture to address areas of greatest risk. Our goal is to gain insight into any potential exposures, and to continuously test to reduce the likelihood of a breach.

Monitoring and threat management: access to our infrastructure and systems is continuously logged and monitored. A security monitoring, investigation, threat hunting and response programme is in place at WOO! to alert, investigate, triage and remediate security events.

Reporting security vulnerabilities

WOO! welcomes input from the security research community in identifying potential issues and ways to improve the security of our applications, infrastructure and member data. We encourage security researchers to responsibly disclose any potential vulnerabilities uncovered to feedback@wooapp.uk. We are committed to addressing security issues responsibly and in a timely manner. To protect our members, we request you please refrain from sharing information about any potential vulnerabilities with anyone outside of WOO! until we have had the opportunity to review and address them with you. We appreciate your help in keeping WOO! secure for our community.

For questions, concerns or issues with your profile, or to report another member or profile, please visit https://www.feedback.woo.uk to contact our Support Team.