Request a Demo Free Trial

1 min read

DeNexus Completes SOC 2 Compliance Type 1 Report

Featured Image

We are excited to announce that DeNexus Inc has successfully achieved SOC 2 compliance and received our “Type 1” Report in March, which examined our controls that were implemented for security and confidentiality.   

Created by AICPA, SOC 2 was constructed for companies storing customer data in the cloud. SOC 2 is considered a technical audit, but it goes beyond that by requiring companies to establish and follow strict information security policies and procedures, encompassing five “trust service principles” as regards customer data: security; availability; processing; integrity; confidentiality.  

SOC 2 is also unique in that it ensures a company’s information security measures are in line with ever-changing cloud security parameters. One control that SOC 2 requires to be implemented is the concept of Role Based Access Control, also referred to as the concept of Least Privileges. By enforcing this control, DeNexus can ensure that only personnel with a “day-to-day need” for access to specific systems and customer data, are granted this access. This limits the attack surface and creates a more secure DeRISK product.   

This is a benchmark accomplishment for DeNexus that proves to our customers that we place data security at the foundation of everything we do. For an innovator in the cyber risk SaaS space, data security is critical  - says Jamie Bussin, Director of Compliance at DeNexus.

For more details about what SOC 2 compliance entails for DeNexus, refer to a blog on SOC 2 Compliance here

New call-to-action

Ampere Industrial Security & DeNexus partner to enhance cyber risk data sets for the industrial sector.

Ampere Industrial Security, the global leader in industrial cybersecurity consulting, and DeNexus Inc, the leading provider of second-generation...

Read More

NAES | DeNexus Partner to Quantify and Mitigate Cyber Risk to Critical Infrastructure

NAES Corporation, the power generation industry’s largest independent providers of operations and maintenance, has announced a partnership with ...

Read More

Multinational generation company finds a way to do risk assessments at 60 sites in weeks not years

Learn how asset owner with 60+ sites built a cyber risk assessments at scale across their fleet in weeks instead of years. 

Read More