Engineering Excellence Platform Values and Privacy of Enterprises and DevOps Teams
Propelo, the leading engineering excellence program, recently obtained the SOC-2 Type II certification. Undergoing an extensive certification process, the company demonstrated reasonable assurances that it met all service commitments and system-level requirements under the Trust Service Principles and Criteria framework developed by the American Institute of Certified Public Accountants (AICPA).
“We’re pleased to now have this certification, as it increases confidence in a platform that all of our customers have already learned they can trust,” states Nishant Doshi, founder and CEO of Propelo. “We went through a strong audit process on behalf of our customers to assure them that we’re committed to the continued security of their data and ongoing success of their businesses.”
SOC 2 Type II is a security framework that specifies how organizations should protect customer data from unauthorized access, security incidents, and other vulnerabilities. Organizational compliance is determined through a series of tests, reporting, and independent audits over six months to a year.
Armanino, an independent auditor and one of the top 25 largest accounting, consulting, and technology firms, facilitated the process to evaluate Propelo based on many individual requirements and operational controls, including:
- Structural and operational integrity of service-level controls
- Functionality and suitability of the platform
- Operational effectiveness
- Protocols and security measures
- Access control and confidentiality
- Data integrity and accuracy
- How well is sensitive data stored, handled, and transmitted
In contending for industry-leading certification, meticulous auditing procedures verified that Propelo met the Trust Services Principles (TSP) of security, availability, and confidentiality.
Propelo’s SOC2 Type II certification reinforces its secure, multi-tenant architecture available to all enterprise-level clients. Propelo doesn’t extract and store data directly from the source; it only obtains metadata from DevOps tools. Enterprises also have complete control over which metadata can be pulled and analyzed. Finally, all data is encrypted, both at rest and in transit.
“Propelo is built using ‘Secure by Design’ principles to empower employees and security teams while maintaining the security and confidentiality of our customer’s data,” said Megha Tamvada, VP of Products at Propelo.
“SOC 2 Type II observes controls over a longer period, demonstrating a consistent security posture rather than at just a specific point in time,” he continues. “Propelo makes all efforts to prioritize information security, availability, and confidentiality.”
Propelo’s SaaS platform is hosted within the Google Cloud Platform. Through Role-Based Access Controls (RBAC), Propelo clients can restrict access to specific metrics, dashboards, and datasets. And apply access policies across organizational boundaries, levels of the corporate hierarchy, job function, and team definitions.
Propelo is “quickly becoming a vital management tool” in the eyes of its users.
The company focuses its efforts on improving its flagship product, hiring top talent for its engineering and business functions, and securing both physical and logical access to any confidential data, both internal and customer-related.
To maintain compliance and protect customer data, Propelo regularly conducts multiple security testing procedures, such as:
- Penetration Testing
- Vulnerability Scanning
- Dynamic Application Security Testing
- Static Application Security Testing
- Source Code Composition Analysis
- Bug Bounty Program
Multi-factor authentication (MFA) is required for all product logins, and both SAML/SSO are also supported. These, coupled with detailed audit logs of user logins and other key events, strengthen data integrity and security.
A copy of the SOC-2 Type 2 compliance report is available under NDA by contacting sales@propelo.ai.
For more about how Propelo is increasing developer productivity, visit https://www.propelo.ai.
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!