Our StoryBlogPodcastAdoption Report
Documentation
Activate Account

General

Suggest Edits

Trinsic

SOC2

Trinsic is SOC2 Type I certified and is obtaining its Type II certification, which we aim to have completed by the end of 2024.

Secure Software Development Life Cycle (SDLC)

We follow best practices in security engineering -- all code is peer reviewed by at least 1 other senior engineer and we have a yearly penetration test against our infrastructure.

Our dependencies are updated weekly to ensure we're on the latest vulnerability fixes, including base container images that run our infrastructure.

Access control and least privilege

All access to backend infrastructure is gated behind the principle of least privilege, with only senior engineering leadership having access to production infrastructure. We require strong MFA on all accounts for all services we use internally.

Infrastructure

Backup and disaster recovery

Trinsic's data infrastructure on Microsoft Azure is backed up continuously, allowing detailed recovery timelines in case of outages.

We regularly test this database recovery to ensure functionality.

Logging, Monitoring and Security

Application-level and infrastructure security logs are stored for 30 days.

We employ continuous monitoring of our infrastructure and code repositories.

Updated 3 days ago