We monitor 100+ security controls and work with auditors and security experts to ensure automated tests are accurate.
We monitor 100+ security controls and work with auditors and security experts to ensure automated tests are accurate.
AWS
AWS handles physical and virtual aspects as part of the shared responsibility model. Deployments with AWS Fargate limit our footprint and ensure a better security posture.
Infrastructure as Code
Infrastructure as code with Terraform allows peer reviewed changes, template scanning for vulnerabilities, and quick recovery in case of outages.
Drata
Scoop uses Drata's automation platform to continuously monitor 100+ security controls across our organization. Automated alerts and evidence collection allows us to confidently prove our security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.
Security Observability
We leverage AWS Security Hub, AWS Inspector, Datadog, amongst other tools to continuously Scan for vulnerabilities and exposures.
Is Scoop SOC2 Compliant?
Yes, Scoop is SOC2 Type II and SOC3 compliant. To access our reports contact security@takescoop.com
Is your data encrypted?
Data is encrypted in transit between the public internet and Scoop's networks in AWS (TLS 1.2). Data is also encrypted at rest using AWS-managed keys. User passwords are encrypted (salted and hashed) using modern encryption libraries, and multi-factor authentication is required for every account. Data submitted by clients is heavily validated for correctness, and system logs strive to never include sensitive information
What data do you store?
For full information on the data Scoop collects, how we use it and how we protect your privacy please see our privacy policy.
Is Scoop GDPR Compliant?
Yes, Scoop is GDPR compliant, however we currently only support data residency in the United States. Download Scoop's data processing agreement here.
Where can I find the list of Data Subprocessors?
You can navigate to to see the most recent list of data sub processors at Scoop Sub Processors.
Can you provide a pen test report?
The latest penetration test report can be provided to customers by emailing security@takescoop.com.
How can I report Security issues?
We review security issues as soon as possible and you can report them by emailing security@takescoop.com.
An automation-led approach allows us to confidently prove our security and compliance posture any day of the year and fosters a culture of compliance.