Compliance
Detectify maintains compliance with industry-recognized security standards and frameworks. This page details our certifications and how they benefit our customers.
ISO 27001
Detectify is ISO 27001 certified. ISO 27001 is the international standard for information security management systems (ISMS). Our certification covers:
- Information security policies and procedures
- Risk assessment and treatment processes
- Access control and asset management
- Cryptographic controls
- Operations security
- Incident management
- Business continuity
The certification is maintained through annual surveillance audits and a full recertification cycle every three years.
SOC 2 Type II
Detectify has completed a SOC 2 Type II audit, which evaluates the design and operating effectiveness of controls over an extended period. The audit covers:
- Security — Protection of the system against unauthorized access
- Availability — Accessibility of the system as committed
- Confidentiality — Protection of information designated as confidential
SOC 2 reports are available to customers and prospects under NDA through the Detectify Trust Center.
GDPR
Detectify is fully compliant with the General Data Protection Regulation (GDPR). See Data Privacy for detailed information about our data handling practices.
Compliance Framework Support
Detectify helps customers meet their own compliance requirements by providing:
| Framework | How Detectify helps |
|---|---|
| PCI DSS | Regular vulnerability scanning and reporting for web applications handling payment data |
| SOC 2 | Evidence of continuous security testing for your applications and infrastructure |
| ISO 27001 | Vulnerability management as part of your ISMS risk treatment process |
| HIPAA | Security assessment of applications handling protected health information |
| NIST CSF | Continuous monitoring and vulnerability identification aligned with NIST categories |
Requesting Compliance Documentation
To request copies of audit reports, certifications, or the Data Processing Agreement:
- Visit the Detectify Trust Center
- Contact your Detectify account representative
- Reach out to Detectify support at support.detectify.com
Some documents may require an NDA before sharing.