Blog

Safety CLI Cybersecurity Issued Clean SOC 2 Audit

December 16, 2022
2 min read
Safety CLI Cybersecurity Issued Clean SOC 2 Audit

Safety CLI Cybersecurity Issued Clean SOC 2 Audit

Safety CLI Cybersecurity's platform and security practices were audited with zero exceptions

VANCOUVER, BC - December 16, 2022 - Safety CLI Cybersecurity, the leader in Python dependency security scanning and compliance, has successfully completed a System and Organization Controls (SOC) 2 Type I audit. Safety CLI's SOC 2 Type I report did not have any noted exceptions and therefore was issued with a "clean" audit opinion.

"Security and compliance have always been a critical part of our organization," said Justin Womersley, CEO of Safety CLI Cybersecurity. "This clean SOC 2 audit is an important step for Safety. It confirms our existing commitment to security and accountability and provides even more assurance to our customers and partners that their data is being handled with the utmost care and protection."

Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 information security standard is an audit report on the examination of controls relevant to the trust services criteria categories covering security, availability, processing integrity, confidentiality, and privacy. A SOC 2 audit is performed by an accredited CPA firm and verifies that all the necessary safeguards are in place to protect customer data and that the safeguards are operational. Safety's audit was performed by Sensiba San Filippo, LLP (SSF), in partnership with the Drata compliance monitoring platform. 

A SOC 2 Type I report describes a service organization's systems and whether the design of specified controls meets the relevant trust services categories at a point in time. Safety CLI's SOC 2 Type I report did not have any noted exceptions and therefore was issued a "clean" audit opinion from SSF. Safety CLI will now start the SOC 2 Type II audit, which will confirm the same adherence to security and compliance measures over a period of time, and expect this report by Q2 2023.

About Safety CLI Cybersecurity

Safety CLI Cybersecurity specializes in dependency security and is used by thousands of teams to secure their environments. Safety CLI's cybersecurity intelligence team tracks signals in public source control data, and manually confirms the details of every new CVE, resulting in the most comprehensive and accurate Python vulnerability database. Safety CLI provides data, products and expertise to Fortune 500 companies, federal agencies, financial services institutions, telecom providers, hospitals, and other cybersecurity companies.

Safety CLI Cybersecurity's open-source tools and data, such as the Safety CLI scanning tool, are used by millions of developers each month and power the scanning functionality of foundational open-source projects such as PyPa's Pipenv and RedHat's Clair.

Reduce vulnerability noise by 90%.
Get a demo today to learn more.