We are excited to announce that ProjectDiscovery Inc. has successfully achieved SOC 2 Type 2 certification, in accordance with the American Institute of Certified Public Accountants (AICPA) standards for SOC 2 for Service Organizations, also known as SSAE 18.

This certification serves as external validation, confirming that ProjectDiscovery Inc. ensures enterprise-level security regarding customer data within ProjectDiscovery Cloud Platform (PDCP).

This is a noteworthy stage for our team; it acknowledges our commitment to upholding the highest standards of cybersecurity and compliance for the data we have been entrusted with.

In line with this recognition, we created a Trust Center to serve as the central hub for learning about our cybersecurity and compliance status.

Furthermore, the audit also revealed the ProjectDiscovery Cloud Platform as a valid and powerful compliance tool, highlighting the effectiveness of the platform in checking SOC 2 requirements. This includes addressing the Quarterly Vulnerability Scan control outlined in control line DCF-18.

ProjectDiscovery, Inc. was audited by Prescient Assurance

ProjectDiscovery Inc. underwent an audit by Prescient Assurance, a leader in security and compliance attestation for B2B SaaS companies worldwide. Prescient Assurance is a registered public accounting firm in the US and Canada, providing risk management and assurance services, including SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, and CSA STAR. For more information about Prescient Assurance, you may reach out to them at [email protected].

The audit began in 2022 and concluded in September 2023, marking the date when we received the certification. The certification extends until 2024 and requires annual renewal.

Explore our Trust Center with SafeBase

Our Trust Center is powered by SafeBase, a platform designed to bootstrap the creation of a customer-facing portal tailored for cybersecurity and compliance teams. This platform facilitates the development of necessary interfaces and customer experiences, enabling us to efficiently highlight our cybersecurity and compliance status. It supports our team’s efforts to showcase our stance and communicate achieved controls in a timely manner.

To begin, visit our Trust Center and complete the access request form. Please note we retain the right to either approve or decline access requests to the shared repository on the Trust Center.

PDCP to pass Quarterly Security Scan check

A significant milestone in our journey was the successful completion of one of the controls using our own solution. The Quarterly Security Scan (DCF-18), a critical checkpoint outlined in the SOC 2 control list, was effectively navigated using ProjectDiscovery Cloud Platform. This not only speaks volumes about our product's efficacy but also reinforces our confidence in the solutions we offer.

Specifically, we provided the auditor with a document exported from the platform encompassing results and configuration settings set for executing weekly security scans on our exposed infrastructure. This document helped the auditor comprehend the scope, findings, and status of the issues we tackled after their discovery.

SOC 2 Certification as a measure of maturity

We express deep gratitude for the trust placed in us by our partners and our community. Our team is genuinely inspired by the values of trust and integrity, and we are engaged in safeguarding customer data and shielding our community from cyber threats.

With the achievement of SOC 2 Type 2 certification, our focus now turns to maintaining these high security standards and also firmly positions us to meet extended international standards.

As technology advances, we are thrilled to remain at the forefront of cybersecurity and are ready to provide a suite of services for cybersecurity specialists through the cloud and in the open-source fields.

We sincerely appreciate our partners’ and community’s enthusiasm and support as we embark on the next stage of our journey.