HashiCorp Achieves SOC 2 Type I Compliance

Earning and maintaining our customers’ trust is of the utmost importance to us at HashiCorp. Because of this we have invested heavily in security, and we are excited to share that HashiCorp has achieved SOC 2 Type I compliance for HashiCorp Terraform Enterprise, Vault Enterprise, Consul Enterprise, Nomad Enterprise, and Terraform Cloud.

Our security team, in collaboration with our product and engineering teams, is dedicated to ensuring that our products are designed, architected and developed with both the security of our products, and of our customers’ data in mind.

With the adoption of industry best practices for controls and processes throughout our environments and software development lifecycle, we strive for best-in-class security. This includes security awareness training for all employees, internal threat models, as well as external penetration testing, vulnerability management, security in the release cycle, and endpoint management.

Our security program was audited by an external third party against the AICPA Trust Service Principles, including Security, Availability and Confidentiality. This achievement validates our commitment as we strive to earn and maintain our customers’ trust, and, as we progress in our compliance journey, and pursuing SOC 2 Type II, along with ISO 27001, helps us mature our security posture. For more information about HashiCorp security, please visit hashicorp.com/security.

Our complete SOC 2 Type I audit report is available to customers and prospects under NDA upon request.