Veza Achieves System and Organization Controls (SOC) 2 Type 2 Certification

PALO ALTO, Calif.--(BUSINESS WIRE)--Veza, the data security platform built on the power of authorization, today announced it has successfully completed the System and Organization Controls (SOC) 2® Type 2 Examination. Veza worked with the team at Schellman to review and analyze the Veza data security platform, as well as its security controls and processes, and determined that it meets the required criteria.

The SOC 2 Type 2 audit and certification is becoming the internationally recognized standard demonstrating that an organization understands and follows security best practices, a requirement for potential customers and investors alike. Examinations review and analyze an organization’s security policies, practices and controls to ensure they meet requirements.

“Security and compliance has been a top priority for our company since day one – it has been baked into our strategy, our processes and our product offering,” said Tarun Thakur, co-founder and CEO, Veza. “The SOC 2 Type 2 certification not only establishes external validation that our customers can trust, but it also confirms that our internal security tools, infrastructure and processes meet the highest quality industry standards.”

“We are thrilled to have achieved SOC 2 Type 2 Certification providing one more reason for more companies to harness the capabilities of Veza for cloud platforms, applications, and data systems across their multi-cloud ecosystem,” said Maohua Lu Ph.D, co-founder and CTO, Veza.

“Veza’s successful completion of the SOC 2 Type 2 Examination speaks to the organization’s commitment to security and the desire to demonstrate their overall security posture to their customers,” said Jeff Schiess, managing director at Schellman. “Further, the Veza team acted with the utmost integrity throughout the entire compliance process.”

Veza’s data security platform enables customers to understand, visualize, manage, and control data permissions through Veza’s Authorization Graph. The graph aggregates identity information from humans, service accounts, and cloud IAM entities, and authorization data from cloud platforms, apps, and data systems to provide a centralized, SaaS service. Veza translates system-specific entitlements and permissions into a common, human-understandable business language on who can and should take what action on what data, visualized in the platform as effective permissions.

“If you're using a cloud of any size, there are probably plenty of things that you've done in the past that didn't have the right governance around them,” said Jason Simpson, Vice President Engineering, Choice Hotels. “And being able to go back, see that, fix it, and then put governance on top of it to ensure that it doesn't sprawl again, that's one of the things that we love about Veza.”

The platform brings a novel approach to data security by enabling organizations to address key use cases across user access reviews, entitlement reviews, access certifications, privileged access management to data and apps, data lake security and governance, and management of cloud entitlements. Veza supports both cloud and on-prem integrations with identity systems such as Okta, Microsoft Azure AD, and Microsoft Active Directory; cloud platforms such as AWS, Google Cloud, and Microsoft Azure; enterprise applications such as Salesforce, Zendesk, and GitHub; and critical data systems such as Snowflake, Azure SharePoint, AWS Redshift, AWS S3, and Microsoft SQL Server.

Learn More:

• Veza Data Security Platform
• Veza Trust & Security
• Veza Security Whitepaper
• Veza Data Security Solutions

About Veza

Veza is the data security platform built on the power of authorization. Designed for hybrid multi-cloud environments, Veza enables users to easily understand, manage and control who can and should take what action on what data. Veza solves the toughest data security challenges enterprises face today by organizing an authorization metadata graph across identity providers, data systems, cloud service providers,SaaS and custom applications. This empowers customers to leverage the power of authorization for an identity-first approach to data security to address critical business needs of access governance, data lake security and governance, cloud entitlements, privileged access management, and many more. Global enterprises like Blackstone, ASAPP, Barracuda Networks, Choice Hotels, and a number of Fortune 500 and emerging organizations trust Veza for their data security needs. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, GV, Norwest Venture Partners, and True Ventures. To learn more, follow the company on Twitter, LinkedIn and YouTube, and please visit us at veza.com.