We are pleased to announce that SolarWinds® Database Performance Monitor (DPM) has successfully completed SOC 2 Type II certification. This reaffirms and advances our ongoing commitment to protecting our customers
—and by extension, their customers. The report is the result of another intensive effort by our dedicated security team, providing evidence to our auditors so they could examine our processes and controls. The audit was completely successful, as with our first audit, and was a clean and uneventful process.
If you’re not familiar with SOC 2 Type II, it is a follow-on certification to SOC 2 Type I, which certifies that we maintained SOC 2 controls without lapse for at least 6 months. But what does that mean, in the big picture? It means that you can trust that we’re really doing what we claim to do. It also sets us apart from many of the vendors you likely do business with. SOC 2 Type II is a very mature security posture relative to many companies, even those that are in the business of security itself.
Finally, it underscores that SolarWinds is always improving, which is one of our Core Values. Security and risk management, like anything in life, are ongoing processes—not a destination to be achieved. At SolarWinds, our dedicated (and growing) security team leads our efforts, follows a Risk Management framework, reports directly to the CEO, and reports to the Board of Directors. And their leadership involves every person at the company.
SOC 2 Type II certification is also just one of the efforts SoalrWinds has undertaken in the past months. Among our many recent and ongoing security-related projects are a bug bounty program, single-sign-on integrations, additional internal architectural layers with advanced controls, and of course, continuation of all the things we were already doing—such as continual training, vulnerability testing, and penetration testing. We’re also planning on implementing further frameworks and achieving additional formal certifications.
If you’d like to request a copy of the SOC 2 Type II audit report, please contact your sales representative or account manager.