Gecko invests a great deal of time ensuring that it meets the rigorous security, compliance, and accessibility standards expected of a market-leading Higher Education based SaaS solution.

For further information about any of the information listed below, including access to reports where applicable, kindly contact your Gecko account manager.

Privacy & Security

Gecko undergoes regular third-party Penetration Testing in order to uncover any potential vulnerabilities and insecure functionality. Testing is conducted via a CREST-approved & ISO 27001-certified contractor. This helps us identify all security risks, including the OWASP Top 10, as well as check our APIs against a rigorous set of tests and attacks.

Gecko is currently on track to achieve ISO 27001 and SOC Type II accreditation.


Gecko regularly commissions a specialized external agency to conduct VPAT audits on all the public elements of our products. This helps to ensure that Gecko continues to be WCAG 2.1, Section 508 / ADA, and EU Accessibility Directive / UK Accessibility Regulation compliant.


Gecko undergoes regular testing under the HECVAT framework.

Did this answer your question?