How we’re building assurance with SOC 2 Type 2 compliance


At Picus, protecting the security and privacy of our customers will always be a top priority. It’s why we’re committed to ensuring that our controls, policies and procedures meet the highest standards and continue to evolve as our business grows.

Today, we’re pleased to announce that we have successfully completed another key milestone on our information security roadmap by achieving compliance with SOC 2 Type 2 - widely regarded as a gold standard for information security.

What is SOC 2 and what does it mean for Picus customers?

System and Organization Controls (SOC 2) is a security audit and attestation developed by the American Institute of Certified Public Accountants (AICPA) for Software-as-a-Service (SaaS) companies that process customer data. 

Compliance with SOC 2 verifies that Picus and our cloud-native Complete Security Control Validation Platform meet AICPA’s Trust Service Criteria (TSC). The TSC is split across five principles: Security, Availability, Processing Integrity, Confidentiality, and Privacy.

Meeting the principles of SOC 2, as part of a compliance program that also includes ISO 27001, ISO 20000 and ISO 22301, demonstrates how highly we prioritize security and privacy as well as building products that instil trust and confidence. 

SOC 2 Type 1 vs. SOC 2 Type 2

There are two types of SOC 2 audit reports: Type 1 and Type 2. Picus achieved attestation with SOC 2 Type 1 in November 2021 and has now completed attestation with Type 2.

A SOC 2 Type 1 report describes the design of a service provider’s controls to meet AICPA’s trust criteria as of a specific point in time; a SOC 2 Type 2 report details the operational effectiveness of these controls over an extended period.

Picus Security achieved SOC 2 Type 2 compliance in April 2022 following an independent audit by Prescient Assurance. To maintain compliance, Picus will be audited annually.

Request a copy of our SOC 2 report

If you are an existing customer or partner of Picus and would like a copy of our SOC 2 Type 1 and Type 2 reports, please feel free to reach out to a member of our team. 

If you are not a current customer but would like to read the reports, we’d be happy to provide a copy under an NDA.

If you have any questions, please let us know!


Click here to learn more about Picus and how our breach and attack simulation technology can help you to validate and enhance your organization’s security posture.