Bug Bounty & Agile Pentesting Platform

Intigriti obtains SOC 2 certification

Intigriti now proudly holds both ISO 27001 and SOC 2 compliance certifications

‘Practice what you preach’ is a vital phrase when it comes to cybersecurity. For businesses that test and ensure the safety of huge amounts of sensitive data, it follows that these companies have an enormous responsibility when safeguarding themselves.

Towards the end of 2022, we were thrilled to showcase the Intigriti Trust Center, a live dashboard that displays our platform’s security posture in real-time while also providing all relevant security resources and documentation.

We’re now excited to announce our SOC 2 compliance, which demonstrates our ongoing focus on ensuring our customers’ data remains safe. 
 
We now hold two of the most sought-after security certifications on the market, as our SOC 2 status joins our existing ISO 27001 certification, the international standard for information security compliance.  

What is a SOC 2 audit?

SOC (System and Organization Controls) audits are an independent assessment of vendor management programs, internal governance, and risk management. 

SOC 2 audits assess service organizations’ security, availability, processing integrity, confidentiality, and privacy controls against the American Institute of Certified Public Accountants’ Trust Services Criteria (TSC), in accordance with SSAE 18. 


A SOC 2 audit is carried out over a minimum timeframe, typically around six months. It involves a detailed inspection of security practices by a third party. Not only do the auditors look to see if certain processes are in place, but they also seek to ensure that these processes are being followed correctly at a technical level. 

By looking at a business over a set period, you can gain a far greater understanding of the quality of its practices. For example, once a security incident has occurred, is it being followed up on? Are processes being adjusted to ensure the incident is avoided in the future? And how are training procedures being communicated to employees?

As another example, widespread working from home has changed how companies secure personal devices. A SOC 2 audit might probe into whether all employees are getting the correct training in line with this.

What does this mean for Intigriti moving forward? 

When it comes to specific compliances, our SOC 2 and ISO 27001 certificates are huge milestones, but the work doesn’t end here. 

We know better than anyone that you need to be proactive to maintain robust security, and SOC 2 compliance encapsulates that. As we look to the future, we’ll keep all our security practices under review so that they stay aligned with SOC 2 requirements.
