Turbot & Steampipe SOC2

Customers value Turbot to provide cloud governance solutions to increase their security and compliance posture across their cloud environments. Customers use Turbot to enable policy based automation for AWS, Azure and GCP to discover & correct misconfigurations instantly. Turbot ensures environments are secure & cost optimized at all times elevating the cloud team to do more with less manual effort. To support Turbot's automation, the product features an event driven, real-time CMDB to capture audit trail & asset inventory, 9500+ point-and-click ready policies to set with inheritance & time-based exceptions, multi-cloud timed-based RBAC management, and managed IaC stack deployments.

Turbot is a powerful governance tool in our customer's cloud environments, earning and maintaining our customers' trust is of the utmost importance to us at Turbot. Our operations, product and engineering teams, are dedicated to ensuring that our products are designed, architected and developed with both the security of our products, and of our customers' data in mind. Because of this we have invested heavily in security, and we are excited to share that Turbot has achieved our annual SOC 2 Type II compliance for Turbot Cloud (SaaS).

With the adoption of industry best practices for controls and processes throughout our environments and software development lifecycle, we strive for best-in-class security. This includes security awareness training for all employees, achieving our CIS Benchmark Certification, undergoing multiple Well-Architected audits as part of our AWS Advanced Tier Security & Cloud Management status, support for our privacy policy for GDPR, CCPA, and Privacy Shield, enterprise supplier audits, and continuous penetration testing.

Ensuring we meet the data security, privacy and compliance needs of our customers is core to our business. This achievement validates our commitment as we strive to earn and maintain our customers' trust, and, as we progress in our compliance journey to help us mature our security posture.

Our SOC audits are conducted annually each April. The auditors prepare their audit report which is then released each May. Our complete SOC 2 Type II audit report is available to customers and prospects under NDA upon request. Visit our Turbot Security page for more information about our security practices.

To learn more about Turbot, connect with us to speak further about your use cases and start a free trial.