Cerby Announces Successful Completion of SOC 2 Type II Security Audit

ALAMEDA, Calif.--()--Cerby, the world’s first security platform for unmanageable applications with a ‘zero trust’ approach that optimizes security practices while empowering both employees and security teams, today announced that the company has successfully completed a System and Organization Controls (SOC) 2 Type II audit, performed by Sensiba San Filippo, LLP (SSF). The validation demonstrates that the company prioritizes security controls and the protection of customer data on its platform.

Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 information security standard is an audit report on the examination of controls relevant to the trust services criteria categories covering security, availability, and confidentiality. A SOC 2 Type II report describes a service organization's systems and whether the controls they have in place to satisfy the SOC criteria are operating effectively over an agreed-upon observation period. Cerby's SOC 2 Type II report did not have any noted exceptions, and was issued with a "clean" audit opinion from SSF.

“Unlike a pen test, which tests for exploitable vulnerabilities at a specific point in time, SOC 2 Type II observes security controls longer over a period, demonstrating consistency over time,” said Matt Chiodi, chief trust officer at Cerby. “SOC 2 is recognized as a gold standard for security. Achieving this certification attests to Cerby’s focused efforts to build trust and protect customer data.”

Chris Roe, CISA, CRISC, manager at Sensiba San Filippo, LLP said: “SOC 2 Type II report gives Cerby customers confidence in the secure design and operational effectiveness of the platform, having gone through a rigorous security verification process. We congratulate Cerby for taking this step in demonstrating the company’s commitment to protecting customer data.”

About Cerby

Cerby delivers the world’s first platform built to positively guide employees' security behaviors no matter which applications they use. We protect brands around the world, including some of the most recognizable businesses, by taking an approach that empowers both employees and security teams, using Zero Trust principles. Our proprietary technology uses robotic process automation to understand applications in a business context and automatically enforces security best practices before misconfigurations turn into breaches. Cerby is a must-have for technology executives and their teams to protect the brand, stay secure and increase productivity.

At Cerby, we believe that employee application choice and security can go hand-in-hand, but only when employees are trusted to choose the best applications for their work. When employees are allowed this choice, productivity increases and security moves from the IT department to the responsibility of every employee.

Cerby’s platform lets clients like Fox, L’Oréal, Dentsu, Wizeline, Televisa and MiSalud fix common application liabilities efficiently while facilitating collaboration. Visit us at Cerby.com and follow us on Twitter at @CerbyHQ.

All names and trademarks are the property of their respective firms.


+1 408-776-1400 (o) +1 408-893-8750 (m)