SOC 2 Type II Certified
Asset Panda is proud to announce that it has achieved SOC 2 Type II certification as of February 2023. This certification is a testament to our commitment to maintaining strong controls related to security, availability, processing integrity, confidentiality, and privacy. The SOC 2 examination, developed by the American Institute of Certified Public Accountants (AICPA), validates the effectiveness of our security measures in protecting information from unauthorized access. The audit was conducted by the Johanson Group, and Asset Panda successfully met the criteria for security, showcasing our dedication to safeguarding data.
Data Security
At Asset Panda, data security is a top priority. We ensure the protection of all data at rest and in transit through encryption. By leveraging the AWS Key Management Service, we centrally manage keys and define policies in alignment with industry best practices. This approach not only secures our application but also safeguards customer data, instilling trust and confidence in our users regarding the confidentiality and integrity of their information.
Application Security
To enhance our application security, Asset Panda collaborates with third-party security experts for periodic evaluations. Through penetration tests and scans, we assess our source code, application, and infrastructure to uphold compliance with industry standards. This proactive approach ensures that our security posture remains robust and that any vulnerabilities are promptly identified and addressed, minimizing the risk of security breaches.
Infrastructure Security
Asset Panda leverages Amazon Web Services (AWS) to host our application, taking advantage of a suite of security tools provided by AWS. From Key Management Service (KMS) to GuardDuty, Inspector, Macie, IAM Access Analyzer, Systems Manager Patch Manager, and Firewall Manager, we employ a comprehensive set of security measures to fortify our infrastructure. By integrating these tools, we proactively monitor and mitigate potential threats, reinforcing the resilience of our platform against evolving cybersecurity challenges.