Signal Sciences
Security and Privacy Compliance Certifications
Customers rely on Signal Sciences web application security to protect their most valuable web layer assets, and that means we must adhere to industry-standard regulatory compliance requirements. External validation by third-party organizations recognizes that we have taken the necessary steps to meet industry-standard regulatory frameworks, which in turn supports the compliance needs of our customers. Our customers can then leverage these certifications to meet their own customers’ expectations regarding compliance.
Industry-Standard Certifications that Validate Compliance

Service Organization Controls (SOC) 2
Signal Sciences’s operational processes are SOC 2 compliant, as determined by an independent auditor. The SOC 2 report measures internal controls at service organizations relating to security, availability, processing integrity, confidentiality, and privacy. The standards are outlined by the American Institute of CPAs (AICPA).

Health Insurance Portability and Accountability Act (HIPAA)
Signal Sciences’s operational processes are HIPAA compliant. The U.S. HIPAA, as amended, including the Health Information Technology for Economic and Clinical Health (HITECH) Act, is a federal law that enables healthcare companies to incorporate technology into their businesses while ensuring data privacy and security.

General Data Protection Regulation (GDPR)
Signal Sciences aligns its privacy practices with, and is committed to compliance with, the GDPR. The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union. It aims to give control back to EU residents over their personal data.
Questions, Requests, and Resources
Security compliance reports can be requested from our Sales representatives with a signed Non-disclosure Agreement (NDA).
Customers can request the reports through a Support ticket.