Security
Security and Privacy at Single Origin
Single Origin's Security and Privacy teams establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors.
Data Protection
Data at rest
All datastores with customer data, in addition to S3 buckets, are encrypted at rest.
Data in transit
Single Origin uses TLS 1.2 or higher everywhere data is transmitted over potentially insecure networks.
Secret management
Encryption keys are managed via AWS Key Management System (KMS).
Product Security
Single Origin requires vulnerability scanning at key stages of our Secure Development Lifecycle (SDLC):
- Static analysis (SAST) testing of code during pull requests and on an ongoing basis
- Malicious dependency scanning to prevent the introduction of malware into our software supply chain
- Network vulnerability scanning on a period basis
Frameworks
SOC 2 Type 2
Single Origin received SOC 2 Type 2 Certification on Nov 30, 2023. You can see and download the full report here.
Penetration Test
Single Origin received the approval of penetration test conducted by Cacilian on Jan 29, 2024. Please request the full report by email us at [email protected]
Updated 11 months ago