What is a SOC2 Type II audit?
Service Organization Control 2 is an industry-leading reporting standard, defined by the American Institute of Certified Public Accountants (AICPA). To enable customers to more easily navigate the market of IT organizations that provide various products and services, the standards provide a trusted source of information on how a vendor has performed on a range of different metrics. The certification represents an industry benchmark as its conducted by third-party auditors that can be easily understood and referenced by the customer.
The certification indicates that Deep Instinct has been assessed by an independent auditing and accounting firm to ensure that both our company and services meet definite standards of security control.
What benefit does this audit have for our customers?
Customers want to make sure they can trust our service. This includes having clear policies and controls that attest to the quality of the product and the measures taken to ensure the prevention of a breach that will result in an attack against them.
The audit demonstrates the secure and reliable cybersecurity strategy that we have applied to our products and processes. It provides our customers with the assurance that our solution is developed and delivered in accordance with security standards. As our customers continue to work with us, it gives them the ever-important peace of mind that the relevant controls are in place, they’ve been tested and have been proven to operate effectively during the audit period.
What does the audit test?
The auditor checks on how we, as a vendor, comply with multiple fundamental security principles. They learn about and review multiple aspects of our business including:
- The solution we provide
- The systems and subsystems in use and their interfaces
- Our development activities focused on security aspects
- What kind of risks we are facing and the actions we take to minimize them.
- Different corporate processes are assessed, such as HR and IT work processes, to make sure they are controlled.
What is the result of this audit?
Once all processes were reviewed, the auditor identified the relevant controls that have been applied to manage the process and then tested that they all operate successfully during the audit period.
The full list of controls and our respective performance is available in our SOC report.
Ultimately, the result was crystal clear – no deviation was found!
How to request Deep Instinct’s SOC2 report?
If you would like to request a copy of our SOC 2 Type II report, please get in touch with your Account Executive.