Flock Safety Strengthens Cybersecurity Measures to Safeguard Customer and Community Data

In recent months, Flock Safety has faced scrutiny regarding its cybersecurity practices, particularly following misleading claims about breaches and vulnerabilities. As the company continues to enhance its security measures, it emphasizes its commitment to protecting customer data and maintaining transparency in its operations.

Addressing Misleading Claims

In January 2026, Flock Safety publicly responded to allegations that it had been hacked. The company clarified that these claims were false and misleading, asserting that there was no evidence of risk to customer data or systems. This response came on the heels of a series of public statements aimed at reassuring customers and stakeholders about the integrity of its cybersecurity framework.

Flock Safety has consistently maintained that vulnerabilities are an inherent part of software development. The company prioritizes identifying and addressing these vulnerabilities while communicating transparently about them. This proactive approach is crucial in an industry where threats are constantly evolving.

A Layered Cybersecurity Approach

Flock employs a multi-layered cybersecurity strategy that integrates internal expertise, continuous monitoring, and third-party testing. This comprehensive approach is designed to safeguard customer data against potential threats. Key components of Flock’s cybersecurity measures include:

• Threat Modeling: Conducted during the design phase to anticipate potential vulnerabilities.
• Code Scanning: Implemented at various stages of development, including static and dynamic code analysis.
• Continuous Monitoring: Ongoing assessments of the infrastructure to identify and mitigate risks.
• Penetration Testing: Regular tests to simulate real-world attacks and evaluate the effectiveness of security measures.

This layered strategy reflects the complexity of cybersecurity, where no single solution can fully mitigate risk.

Team Structure and Investment

Flock Safety is committed to strengthening its cybersecurity team, with plans to hire an additional ten personnel this year, building on its existing team of over 20 engineers. The structure of the cybersecurity team includes specialized groups focused on various aspects of security:

• Product Security & Privacy: Concentrates on hardware and software products, conducting architectural reviews and threat modeling.
• DevSecOps: Ensures the security of cloud infrastructure.
• GRC Engineering: Focuses on governance, risk, and compliance to uphold high cybersecurity standards.
• Offensive Security & Vulnerability Operations: Conducts penetration tests and manages vulnerabilities across the product line.
• Physical Security: Maintains security standards for physical office spaces.
• Incident Response & Adversary Pursuit: Responsible for responding to incidents and proactively hunting for intrusions.

This investment in human resources underscores the importance of skilled personnel in maintaining robust cybersecurity practices.

Response to Public Allegations

Flock Safety has also addressed specific allegations made in a November 2025 YouTube video, where a claim was made about hacking 80,000 Flock cameras. The company refuted this assertion, explaining that the individuals involved had not engaged with Flock through its bug bounty program, which is designed for responsible vulnerability disclosure. Instead, the individual in question had illicitly acquired a Flock camera, and the findings they presented had already been identified and addressed by Flock’s cybersecurity team.

In January 2026, another video surfaced, focusing on Flock PTZ cameras. The company reiterated that it has maintained an ethical vulnerability disclosure program for years and that the YouTuber did not follow the proper channels for reporting vulnerabilities. The cameras in question had briefly been misconfigured, exposing their diagnostic interface to the internet, but this did not compromise the security of Flock’s cloud environment.

Securing Custom Operating Systems

Flock Safety utilizes a heavily modified version of the Android operating system, developed in partnership with Qualcomm. This custom operating system is tailored for Flock’s specific use cases, stripping away unnecessary functionalities to enhance security. Flock has never utilized Android Things in any of its products and continues to backport security patches as required.

The company maintains rigorous standards for cybersecurity, including SOC2 Type II audits and various ISO certifications, such as ISO 27001 for data security and ISO 27701 for data privacy. These certifications reflect Flock’s commitment to maintaining high cybersecurity standards across its operations.

Commitment to Continuous Improvement

Flock Safety emphasizes that cybersecurity is an ongoing process. While it cannot guarantee that new vulnerabilities will not be discovered, the company is dedicated to investing in cybersecurity measures and prioritizing customer data protection. Flock’s proactive approach aims to minimize risks and ensure readiness in the event of a security incident.

For further details on Flock Safety’s cybersecurity initiatives, customers can visit the Trust Center.

For the latest cybersecurity developments, threat intelligence, and breaking updates from across the Middle East: Middle East