BACK
changelog image

GitStart completed a SOC2 Type 1 audit

GitStart completed a SOC2 Type 1 audit

We keep your data secure with enterprise-grade security standards.
October 24
2023

At GitStart, our mission is to help you build more software faster, while growing the next generation of developers. We provide a code-as-a-service solution to help you build, maintain, and scale your software.

We understand you trust us with some of your most sensitive data: production code. Given this, our team has always followed rigorous practices to keep your data safe. We want to preface this news by saying that SOC2 isn’t the only thing we do; it’s just one of the many.

Today, we’re happy to announce a significant achievement emphasizing this commitment: we’ve completed our SOC 2 Type 1 audit. This is big for us but even more significant for you.

What is SOC2?

SOC2 is a set of standards that ensures that companies follow industry best practices regarding data security. It’s becoming increasingly important for companies that handle sensitive data, as well for our customers in highly regulated industries.

In simpler terms, we’re keeping your information secure, controlling access to our services and keeping them reliable so you can focus on what matters most - building great software with GitStart.

SOC2 Type I - What does it mean?

GitStart has successfully completed the SOC 2 Type I audit.

There are two types of audits: a Type I audit takes a point-in-time snapshot of our processes. The Type II, which we are also pursuing, confirms over several months that the company consistently adhered to those processes.

We followed a pentest-driven approach to ensure that our security practices are robust and worked with a third-party auditor to examine our processes.

With SOC2 Type I, you can be assured that:

  • We have consistent policies governing who has access to what information within the company
  • Two-factor authentication is required for all employees
  • We have a formal process for handling and communicating security incidents
  • Our application is comprehensively monitored and logged
  • We have formal processes for managing and testing our infrastructure
  • We terminate access to our systems when an employee leaves the company

There’s more to this, but this list should give you a sense of what we do.

Next steps

Our customers will get access to our full SOC 2 Type 1 report to see precisely how we’re ticking all the boxes and what policies we have in place.

A Type I audit is a significant first step, but it’s just the beginning. It paves the way towards completing a SOC 2 Type 2 examination, which will allow us to consistently demonstrate the security of our operations over time, not just a point-in-time snapshot. We hope to share more updates on this front in the coming months.

We’re excited to continue this journey of helping you ship more software.

Get in touch if you want to know more

If you’re a GitStart customer and would like a copy of our SOC 2 report, please don’t hesitate to email us at support@gitstart.com.

If you want to try our code as a service solution to accelerate your team but are unsure, don’t hesitate to ask us for a call where we can answer any questions you might have about security or any other aspect of our product.

© 2024 Murcul, Inc. All rights reserved.