SOC 3
Veracode has received a SOC 3 attestation report evidencing that appropriate internal controls are in place relating to the security, availability, and confidentially of customer information within our environment.
The SOC 3 report represents that Veracode, as a service organization, has been through an independent examination and evaluation of our control activities as they relate to applicable Trust Services Principles and Criteria (2017) defined by the AICPA.
Veracode’s SOC 3 Report includes Veracode’s system description and provides an assurance that controls implemented by Veracode were suitably designed to meet or exceed the prescribed criteria for applicable trust principles of:
-
Security: The system is protected against unauthorized access (both physical and logical);
-
Availability: The system is available for operation and use as committed or agreed; and
-
Confidentiality: Information designated as confidential is protected as committed or agreed.
The SOC 2 is for limited distribution and shared under non-disclosure agreement (NDA). Please direct all requests through your Veracode Account Executive, Account Manager, or Customer Service Representative.
Data Privacy Framework
Veracode has certified that it adheres to the Data Privacy Framework Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Data Privacy Framework program, please visit Digital Privacy Framework. To view Veracode’s current self-certification, please visit Digital Privacy Framework.