Propelo, The Leading Engineering Excellence Platform, Attains SOC-2 Type II Compliance

Engineering Excellence Platform Values Data Security and Privacy of Enterprises and DevOps Teams

SUNNYVALE, Calif., Nov. 3, 2022 /PRNewswire/ -- Propelo, the leading engineering excellence program, recently obtained the SOC-2 Type II certification. Undergoing an extensive certification process, the company demonstrated reasonable assurances that it met all service commitments and system-level requirements under the Trust Service Principles and Criteria framework developed by the American Institute of Certified Public Accountants (AICPA).

"We're pleased to now have this certification, as it increases confidence in a platform that all of our customers have already learned they can trust," states Nishant Doshi, founder and CEO of Propelo. "We went through a strong audit process on behalf of our customers to assure them that we're committed to the continued security of their data and ongoing success of their businesses."

SOC 2 Type II is a security framework that specifies how organizations should protect customer data from unauthorized access, security incidents, and other vulnerabilities. Organizational compliance is determined through a series of tests, reporting, and independent audits over six months to a year.

Armanino, an independent auditor and one of the top 25 largest accounting, consulting, and technology firms, facilitated the process to evaluate Propelo based on many individual requirements and operational controls, including:

• Structural and operational integrity of service-level controls
• Functionality and suitability of the platform
• Operational effectiveness
• Protocols and security measures
• Access control and confidentiality
• Data integrity and accuracy
• How well is sensitive data stored, handled, and transmitted

In contending for industry-leading certification, meticulous auditing procedures verified that Propelo met the Trust Services Principles (TSP) of security, availability, and confidentiality.

Propelo's SOC2 Type II certification reinforces its secure, multi-tenant architecture available to all enterprise-level clients. Propelo doesn't extract and store data directly from the source; it only obtains metadata from DevOps tools. Enterprises also have complete control over which metadata can be pulled and analyzed. Finally, all data is encrypted, both at rest and in transit.

"Propelo is built using 'Secure by Design' principles to empower employees and security teams while maintaining the security and confidentiality of our customer's data," said Megha Tamvada, VP of Products at Propelo.

"SOC 2 Type II observes controls over a longer period, demonstrating a consistent security posture rather than at just a specific point in time," he continues. "Propelo makes all efforts to prioritize information security, availability, and confidentiality." 

Propelo's SaaS platform is hosted within the Google Cloud Platform. Through Role-Based Access Controls (RBAC), Propelo clients can restrict access to specific metrics, dashboards, and datasets. And apply access policies across organizational boundaries, levels of the corporate hierarchy, job function, and team definitions.

Propelo is "quickly becoming a vital management tool" in the eyes of its users.

The company focuses its efforts on improving its flagship product, hiring top talent for its engineering and business functions, and securing both physical and logical access to any confidential data, both internal and customer-related.

To maintain compliance and protect customer data, Propelo regularly conducts multiple security testing procedures, such as:

• Penetration Testing
• Vulnerability Scanning
• Dynamic Application Security Testing
• Static Application Security Testing
• Source Code Composition Analysis
• Bug Bounty Program

Multi-factor authentication (MFA) is required for all product logins, and both SAML/SSO are also supported. These, coupled with detailed audit logs of user logins and other key events, strengthen data integrity and security.

A copy of the SOC-2 Type 2 compliance report is available under NDA by contacting [email protected].

For more about how Propelo is increasing developer productivity, visit https://www.propelo.ai.

Propelo is an Engineering Excellence platform for Enterprise customers. Propelo analyzes data from all your DevOps tools to provide the missing insights and smart workflow automation that increase developer productivity and improve software delivery. Propelo precisely maps to how your enterprise software factory works, enabling engineering leaders to proactively instrument, manage and show the performance of the engineering organization with modern and well-understood success metrics such as DORA. Delivered as a SaaS solution, Propelo integrates quickly with over 40+ SDLC tools, such as Jira, GitHub, Azure DevOps, and Jenkins, to compute DORA and over 100 other insightful metrics within days.

SOURCE Propelo Inc.

WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?

440k+
Newsrooms &
Influencers

9k+
Digital Media
Outlets

270k+
Journalists
Opted In

GET STARTED