Threat Stack, provider of the industry’s most comprehensive intrusion detection platform for cloud, hybrid-cloud, and on-premises environments, announced that it has successfully completed a SOC 2 Type II Service Organization Control (SOC 2) examination for its flagship†Threat Stack Intrusion Detection platform. The audit conducted by Schellman & Company, LLC found that Threat Stack meets the SOC 2 standards for Security and Availability integrity principles with zero exceptions listed.
SOC 2 reports are attestation reports that examine controls at a service organization relevant to the security, availability, or processing integrity of a system (security, availability, and/or processing integrity principles) or the confidentiality or privacy of the information processed for the user entities (confidentiality or privacy principles). SOC 2 reports demonstrate a company’s ability to not only implement critical security policies but also prove compliance over an extended period of time.
“As a security company that helps customers with SOC 2 compliance, we feel it is important that we lead by example and achieve the certification ourselves,” said Brian M. Ahern, Threat Stack Chairman and CEO. “Achieving SOC 2 Type II with zero exceptions listed demonstrates to our clients that our platform can be trusted to adhere to strenuous compliance standards and also our own commitment to utilizing best security practices internally.”
SOC 2 Type II standards help companies recognize, communicate and exercise cross-functional value among DevOps and security teams. Threat Stack implemented new policies and technologies to fortify its infrastructure and instill security in every phase of product development. The company used its SOC 2 Type II certification process as an opportunity to better integrate its security team within its DevOps practices. The internal team used the company’s flagship solution to help it achieve the certification and also demonstrate Threat Stack’s security posture for any ongoing audit. Threat Stack adhered to SOC 2 standards throughout the course of the 14-month project, which included a six-month examination without a single exception listed for the entire duration.