San Francisco, US, 31st May 2022– Picus Security, the pioneer of Breach and Attack Simulation (BAS), today announced that it has achieved Service Organization Controls 2 (SOC 2) Type 2 Compliance. SOC 2 is a security audit and attestation for Software-as-a-Service (SaaS) companies developed by the American Institute of Certified Public Accountants (AICPA). It is recognized as a gold standard for information security globally.
Data protection, privacy and operational resilience are important considerations for organizations evaluating SaaS providers. As a result, an increasing number, particularly within the United States, now use SOC 2 reports to help assess and minimize supply chain risks.
Picus Security achieved SOC 2 Type 2 compliance following an independent audit by Prescient Assurance. It verifies that the company and its cloud-native Security Control Validation Platform meet AICPA’s rigorous Trust Service Criteria and that all relevant controls and processes in place are operationally effective.
“In order to minimize risks, it’s crucial that organizations choose technology providers that meet the highest standards of data protection and operational security,” said Volkan Evrin, Information Security Director at Picus Security.
“SOC 2 Type 2 compliance demonstrates Picus’ ongoing commitment to protecting our customers. By choosing The Picus Platform, organizations not only benefit from the most complete BAS technology for security control validation. They also obtain assurance that their data and privacy are in safe hands.”
About Picus Security
Picus Security is the pioneer of Breach and Attack Simulation (BAS). The Picus Complete Security Control Validation Platform is trusted by leading organizations worldwide to continuously validate the effectiveness of security controls against cyber-attacks and supply actionable mitigation insights to optimize them.
Picus has offices in North America, Europe and APAC and is supported by a global network of channel and alliance partners.
The company is dedicated to helping security professionals become more threat-centric and via its Purple Academy offers free online training to share the latest offensive and defensive cybersecurity strategies.