We mean it when we say that security is at the heart of CAST AI.
Several of our founders previously built a company that specialized in application security and attack mitigation. Leon Kuperman, our CTO, previously worked at Oracle as the VP of Security Products.
As part of our continued commitment to deliver the most secure environment for our clients, we're pleased to report that CAST AI has passed the independent SOC 2 Type II examination that attests to the high level of our privacy and security policies and processes.
Why is SOC 2 Type II important?
SOC 2 Type II refers to a specific type and degree of SOC (Service Organization Control) report. SOC is a system of standards from the American Institute of Certified Public Accountants (AICPA) used to assess a company’s data security policies and their effectiveness.
Under the SOC umbrella, SOC 2 Type II represents the most thorough and difficult-to-achieve compliance. It’s one of the most trusted and sought-after third-party security verifications.
What does the SOC 2 Type II examination take into account?
SOC 2 Type II examine the security, confidentiality, and availability in an organization using five key principles of trust established by the AICPA:
- Protections against unauthorized access that defines the security of a vendor's system.
- The completeness, validity, timeliness, accuracy, and authorization of a vendor's system's processing.
- The availability of a vendor's system for operation and usage as specified in the customer agreement.
- The confidentiality of the information the vendor processes and keeps, and how that confidentiality is safeguarded.
- The privacy of the personal information the vendor collects, holds, uses, discloses, and disposes of.
To qualify for the SOC 2 Type II report, we developed strict security procedures following these principles. We then engaged an accredited independent auditor to assess their quality and monitor our adherence to these procedures over the period of 4 four months (June-October 2021).
The result was a detailed report showing that we consistently live up to our security promises. It confirmed that CAST AI meets all the service commitments and system requirements.
Our commitment to providing a secure solution to our customers doesn’t end here. We’re already ISO27001-certified and are constantly improving our security practices to make our product fully protected against all kinds of threats.
Was SOC 2 holding you back from trying out CAST AI?
Book a demo call today with the assurance that CAST AI is compatible with your security practices.
Learn more about security in CAST AI
- To learn more about our approach to security, check out this guide to security and privacy in CAST AI
- Here’s a detailed look into how CAST AI works when analyzing and optimizing cloud infrastructure: How does the read-only CAST AI agent work and what data can it read?