Security Program Highlights

SOC 2 Type II Certified

Asset Panda is SOC 2 Type II certified as of February 2023. A SOC 2 examination is a report on controls at a service organization relevant to security, availability, processing integrity, confidentiality, or privacy, and was created by the American Institute of Certified Public Accountants (AICPA). Asset Panda was audited by the Johanson Group and certified for the first of the five criteria (security), which is focused on protecting information from unauthorized access.

Data Security

Asset Panda encrypts all data at rest and in transit for our application and customer data. We utilize AWS Key Management Service to centrally manage keys and define policies in line with the industry’s best practices.

Application Security

Asset Panda periodically engages with third-party security experts to evaluate our Application Security posture. Our penetration tests and scans evaluate our source code, application and infrastructure to ensure Asset Panda is compliant with the industry best practices.

Infrastructure Security

Asset Panda uses Amazon Web Services to host our application. We use a wide array of security tools provided by AWS, including KMS, GuardDuty, Inspector, Macie, IAM Access Analyzer, Systems Manager Patch Manager and Firewall Manager.