CyberVault maintains rigorous security controls and undergoes annual independent audits to ensure the highest standards of trust, security, and privacy for your data.
Our controls are evaluated against the AICPA Trust Services Criteria framework.
SecurityImplemented
Protection of system resources against unauthorized access, cyberattacks, and data breaches through strict access controls and monitoring.
AvailabilityImplemented
System accessibility meets uptime SLAs with redundant infrastructure, disaster recovery, and continuous performance monitoring.
Processing IntegrityImplemented
System processing is complete, valid, accurate, and timely. Data integrity is maintained across all pipelines and threat analysis engines.
ConfidentialityImplemented
Information designated as confidential is properly protected via encryption at rest/in transit, strict IAM policies, and data classification.
PrivacyImplemented
Personal information is collected, used, retained, disclosed, and disposed of in conformity with privacy principles and global regulations.
Continuous Monitoring & Audit History
Security is not a one-time event. We maintain continuous compliance through automated controls and quarterly reviews.
January 2024
SOC 2 Type II Audit Initiated
Engagement with independent CPA firm to evaluate operational effectiveness over 12-month period.
Quarterly
Internal Control Reviews
Automated compliance checks, access reviews, and penetration testing to validate control effectiveness.
December 2024
Audit Completion & Attestation
Unqualified opinion issued. All tested controls operated effectively throughout the reporting period.
Request Your SOC 2 Report
Due to the sensitive nature of our security architecture, our full SOC 2 report is distributed under a mutual NDA to authorized partners, prospects, and compliance teams.
Everything you need to know about our compliance posture.
Type I evaluates the design of controls at a specific point in time. Type II (which CyberVault holds) evaluates the operating effectiveness of those controls over a minimum 6-12 month period, providing stronger assurance.
We undergo a comprehensive SOC 2 Type II audit annually. Additionally, our internal compliance team runs automated control testing daily and conducts quarterly internal reviews and penetration tests.
Yes. Once the mutual NDA is executed, the encrypted download link can be shared with authorized personnel within your organization for compliance and vendor risk assessments.
Our security program is designed to align with ISO 27001, NIST CSF, GDPR, HIPAA, and CCPA. We maintain mappings to these frameworks and can provide specific addendums upon request.