As a security company, our customers expect us to have a mature world-class security program. Their data is sensitive, and they expect the companies that store it on their behalf, to have the best security measures in place to keep it secure.  

At Bugcrowd, we’re constantly updating our security, and each step we take is aimed at giving our customers as much peace of mind as possible.

Today we’re happy to announce that Bugcrowd has achieved SOC 2 Type I compliance.

Based on reporting principles developed by the American Institute of Certified Public Accountants (AICPA), Type I SOC 2 Compliance provides a framework for organizations to document, obtain independent validation of and publish their information security policies and procedures.

To achieve our SOC 2 Type I Assertion, Bugcrowd’s infrastructure and data control policies passed a rigorous test to ensure they adhered to the AICPA’s SOC 2 guidelines for security, system availability, as well as data confidentiality.

Building on Bugcrowd’s ISO 270001 certification we announced earlier this year, Bugcrowd is now the first in the crowdsourced security industry with multiple audited controls. We are committed to holding to the highest standards, the security of our processes, people, researchers and the technology powering our services.

It’s truly a team effort to achieve these certifications, but worth every minute spent. Looking forward, Bugcrowd will continue on demonstrate compliance for SOC 2 Type II, which continues to validate the strength of our controls, and highlights our ongoing commitment to security.

If you want to learn more about security at Bugcrowd check out our FAQ: