Menu Icon
< back to main
 • 2 min read

Announcing SOC 2 Type 1 Certification: A Commitment to Our Customers

As an application security company, offering our customers the highest level of confidence in our own security practices is critical.

Announcing SOC 2 Type 1 Certification: A Commitment to Our Customers
Ray Espinoza
Ray Espinoza

Ray Espinoza is the Head of Security at Cobalt. With over 20 years of technology experience and 12+ years in information security, Ray’s collaborative leadership style has enabled him to build information security and risk management programs that support business objectives and build customer trust.

Want to see the platform in action?
get a demoArrow Right
Want to see the platform in action?
get a demoArrow Right

soc 2 type 1 1

As an application security company, offering our customers the highest level of confidence in our own security practices is critical. Today, we are thrilled to announce that as of April 2020, Cobalt is officially SOC 2 Type 1 certified.

We wanted to highlight to our customers that we consistently build security programs that are auditable, repeatable, and built to a framework baseline that is easy for everyone to understand. This requires consistency across the board. SOC 2 involves particular controls that go into the audit, and achieving certification shows that we’ve been able to meet or exceed those expectations for each area.

SOC 2 certification is an industry standard framework when you have a SaaS platform because it covers so many fundamental areas of security, governance, risk, and compliance for service providers. Our goal over the past year was to raise the bar on security, and the focus on SOC 2 provided the framework and structure to meet that goal while also improving our operational security capabilities.

Our end goal of achieving SOC 2 certification is developing comprehensive programs that will stick around for a very long time, while always driving for iterative improvements. At the highest level, this includes formalizing tactical initiatives driven by different teams and for infrastructure.

It is important to point out that just because you are SOC 2 certified doesn’t mean you are fully secure. However, it does highlight a commitment to customers to ensure that their data is protected to industry standard.

SOC 2 certification is a journey that requires a deep dive into your system, but it’s worth it for you and your customers. For us, this milestone will allow us to achieve our SOC 2 Type 2 audit in early 2021. This shows that we are maintaining all of our controls on a recurring basis throughout the year instead of at just one point in time.

Stay tuned for our next SOC 2 blog post that will share what considerations to keep in mind when thinking about getting SOC 2 certified.

News

Related Stories

Announcing SOC 2 Type II Certification: Reinforcing our Commitment to Security
Announcing SOC 2 Type II Certification: Reinforcing our Commitment to Security
We are delighted to share the news that Cobalt is now SOC 2 Type II certified!
Read moreArrow Right
How to Achieve SOC 2 Type 2 Compliance
How to Achieve SOC 2 Type 2 Compliance
The differences between SOC 2 Type 1 and Type 2, how to obtain Type 2, and how a compliance automation platform like Drata can help you easily achieve these goals.
Read moreArrow Right
How to Become SOC 2 Type 1 Certified and Elevate Your Status in a Competitive Business Atmosphere
How to Become SOC 2 Type 1 Certified and Elevate Your Status in a Competitive Business Atmosphere
Your customers are looking for assurance that you have security properly baked into your systems.
Read moreArrow Right
Strengthen Your Security Posture with Cobalt’s Professional Services
Strengthen Your Security Posture with Cobalt’s Professional Services
Access professional cybersecurity services with the expert team at Cobalt.
Read moreArrow Right

Never miss a story

Stay updated about Cobalt news as it happens