Certifications

On this page

We are constantly working hard to improve security at 21RISK. On this page you can read more about the external experts, that we pull in to make sure we do the job well.

SOC2 Type 1

SOC 2 (Service Organization Control Type 2) is an excellent compliance system because it provides a comprehensive framework for managing data security. It's specifically designed for service providers storing customer data in the cloud, ensuring the security, availability, processing integrity, confidentiality, and privacy of customer data.

A SOC 2 report, no matter which type, is the primary document to demonstrate a company’s overall data security efficiency - through testing the system we have in place, SOC 2 Type 1 determines whether the internal controls we put in place to safeguard customer data are sufficient and designed correctly and whether they comply with the trust services criteria.

Because we strongly value data security, and the trust of our clients, as of January 2024 we at 21RISK have upgraded our system accordingly so that we can adhere to the SOC 2 Type 1 certification and we are happy to inform you that we meet all regulatory requirements!

Congrats, your data just became even more secure in our system!

Detectify scan

To keep 21risk.com safe, we have started an automated scans program with Detectify Detectify was founded in Stockholm Sweden, and is today 90+ SaaS security company.

We have configured Detectify to automatically scan our internet exposure every 7 days

Here is the findings, from our latest report (2023 November)

For a full report, contact support@21risk.com .

HTTP header testing

For web-applications, http headers are one of the backbones for a secure environment. To test our headers, we use this tool . Here is the results from our latest test, November 2023.

Penetration testing