SOC Prime Achieves SOC 2 Type II Compliance for the Second Year in a Row

SOC Prime Completes SOC 2 Type II Audit

Independent Audit Once Again Verifies SOC Prime’s Compliance with the SOC 2® Requirements 

We are thrilled to announce that SOC Prime has once again successfully completed the SOC 2 Type II audit conducted by I.S. Partners, LLC, one of the industry-leading internal controls attestation firms certified by the PCI Council as a Qualified Security Assessor. A generally accepted industry benchmark, SOC 2® compliance is determined by an independent audit carried out according to attestation standards established by the American Institute of Certified Public Accountants (AICPA). 

The SOC 2 Type II auditor’s report verifies that SOC Prime’s service commitments and system requirements have been accomplished based on the trust services criteria relevant to security set forth in 2018 Description Criteria for a Description of a Service Organization’s System in a SOC 2® Report. The SOC 2 Type II audit also assures the design and effectiveness of controls over a period of May 1, 2021—May 1, 2022, displaying SOC Prime’s proven ability to adhere to critical security practices. 

Staying compliant with the SOC 2® standards is a crucial point to providing high-quality services to our customers. By accomplishing the SOC 2 Type II audit for the 2nd year in a row, we ensure that more than 30,000 cyber defenders leveraging our platform daily can rely on SOC Prime in terms of maintaining necessary security controls to minimize privacy risks, which each organization, no matter its size, environments, and business needs, would want from a reliable partner.

 Vlad Garashchenko, Chief Information Security Officer at SOC Prime

For the second year in a row, a successful SOC 2 Type II audit accomplishment ensures that SOC Prime meets the industry requirements set for secure data management and verifies our commitment to high standards of excellence in cybersecurity. Once again, SOC Prime’s achievement validates the company’s dedicated security efforts and brings assurance to clients who rely on the world’s largest and most advanced Detection as Code platform for collective cyber defense.

As a pioneer in Detection as Code and Collective Cyber Defense, SOC Prime is laser-focused on security, continuously exploring additional controls and certifications to ensure high-class security operations, processes, and procedures and protect the privacy of our customers’ data. SOC Prime furthers this focus by ensuring data privacy protection across both the existing functionality and new products we are continuously developing to accelerate threat detection and threat hunting capabilties.

SOC Prime’s privacy-centric mindset is aimed at mitigating privacy risks of our customers. By implementing our own detection content development maturity strategy, SOC Prime’s users can obtain detection algorithms without sharing their sensitive data. We run on Zero-Trust Architecture with all the data encrypted by the industry-accepted benchmarks — data at rest by the AES-256 encryption algorithm and in transit by the TLS 1.2 protocol. Our development practices rely on Microservice-based architecture, personnel background checks, access controls, and Amazon AWS hosting. We build the platform exceeding security standards to protect very limited personal data we have on our customers. 

To learn more about our data privacy protection commitments, please refer to the dedicated website page.

Existing SOC Prime customers are welcome to request to obtain the SOC 2 Type II auditor’s report to find more details about one of the major compliance verifications in the industry and how this accomplishment reflects SOC Prime’s adherence to word-class security standards. Reach out to to request a verified copy of the report.