SOC reports are independent, third-party reports on an organization’s procedures around security, availability, processing integrity, confidentiality, and privacy.
SOC 2 reports are based on the Auditing Standards Board of the American Institute of Certified Public Accountants’ (AICPA) existing Trust Services Criteria (TSC).
TestRail maintains compliance with SOC 2 auditing procedures and has received a SOC 2 Type 1 certification. To produce the SOC 2 report, all of TestRail’s control, security, and risk management processes are reviewed by an independent third-party auditing firm, including but not limited to:
24/7 Proactive Monitoring: All our systems are continuously monitored for security, availability, and performance
SSL/HTTPS Encryption: Communication with our servers is securely encrypted using SSL, HTTPS, and TLS
Automatic Updates: Benefit from complete maintenance with an automated system and application updates
Professional Data Centers: We exclusively use leading data center providers with excellent physical security controls
System & Data Backups: All our systems are regularly backed up for disaster recovery and system outages
Data Protection: We are bound to very strict German and European data protection laws
High Availability: Full redundancy of all important systems and world-class data connectivity
Database Isolation: Separation of customer data with database-level isolation and access permissions
Access Permissions: Fine-grained access control via system permissions, roles, and network addresses
To learn more about TestRail’s security processes or for other compliance-related information, visit our Policies & Procedures page.
Amrathraj Nayak
Test Automation Engineer
