Signal Sciences

Security and Privacy Compliance Certifications

Customers rely on Signal Sciences web application security to protect their most valuable web layer assets, and that means we must adhere to industry-standard regulatory compliance requirements. External validation by third-party organizations recognizes that we have taken the necessary steps to meet industry-standard regulatory frameworks, which furthers the compliance needs of our customers. Our customers can then leverage these certifications to meet their own customers’ expectations regarding compliance.

Corporate Security Practices Informed by Compliance Standards

Signal Sciences embeds security into all aspects of our business: from how we treat customer data, to how we develop products and design security policies. Our processes and controls align with industry-recognized compliance standards like SOC 2 and HIPAA. An independent third party regularly audits and reviews our infrastructure and operational processes to ensure we adhere to the necessary compliance guidelines so we can in turn support our customers’ own compliance needs.

Industry-Standard Certifications that Validate Compliance


Service Organization Controls (SOC) 2

Signal Sciences’s operational processes are SOC 2 compliant, as determined by an independent auditor. The SOC 2 report measures internal controls at service organizations relating to security, availability, processing integrity, confidentiality, and privacy. The standards are outlined by the American Institute of CPAs (AICPA).


Health Insurance Portability and Accountability Act (HIPAA)

Signal Sciences’s operational processes are HIPAA compliant. The U.S. HIPAA, as amended, including the Health Information Technology for Economic and Clinical Health (HITECH) Act, is a federal law that enables healthcare companies to incorporate technology into their businesses while ensuring data privacy and security.


General Data Protection Regulation (GDPR)

Signal Sciences aligns our privacy practices with, and is committed to compliance with, GDPR. The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union. It aims to give control back to EU residents over their personal data.

Questions, Requests, and Resources

Security compliance reports can be requested from our Sales representatives with a signed Non-disclosure Agreement (NDA). 

Customers can request the reports through a Support ticket.