
SOC2 and CoderPad’s Ongoing Commitment to Security


At CoderPad, part of the responsibility that comes along with being the industry leader in skills-based hiring is taking candidate and customer data security very seriously.

We want all current and prospective customers to be assured that their employee data and any other custom data they bring into CoderPad is strongly secured at all times. We also want all candidates who use our platform to have the same assurance that their privacy and the data they bring into the platform is also strongly secured at all times.

This is why I’m very excited to announce that CoderPad is now SOC2 certified.  

SOC2 certification, issued by the American Institute of CPAs (AICPA), signifies that CoderPad has implemented strict information security policies and procedures. It demonstrates a commitment to ensuring the security, availability, processing integrity, confidentiality, and privacy of customer data. 

For both customers and candidates, our SOC2 certification provides assurance that CoderPad takes data security seriously by protecting all of our data from breaches and unauthorized access. 

In addition to being the industry leader in skills-based hiring, CoderPad’s commitment to customer and candidate data security sets us apart from our competitors. With the addition of SOC2 certification, we’re proud to be the most secure product on the market.

Of course, our SOC2 certification is in addition to our usual security measures and the measures we take to comply with United States and international law.

For infrastructure and application security, CoderPad uses industry-standard cloud providers such as Amazon Web Services, Google Cloud Platform, and Heroku, and secures its infrastructure using the CIS Benchmark, weekly vulnerability scans, and a clear patch management policy. Additionally, CoderPad undergoes a yearly penetration test, offers a Bug Bounty program, and ensures new product features and internal processes undergo security assessment prior to release, enhancing practices based on industry shifts and customer input.

For data protection, CoderPad provides single sign-on (SSO) for streamlined authentication and adheres to privacy regulations, being GDPR and CCPA compliant. Data is stored using AES-256 encryption, and all web communication uses at least TLS 1.2. Additionally, payment data is handled securely through Stripe without storage or processing on our end.

For internal security measures, we have a full-time CISSP-certified Chief Information Security Officer (CISO) and a Data Privacy Officer (DPO), Multi-Factor Authentication (MFA) for critical tool access, and an Endpoint Detection and Response (EDR) security tool on professional endpoints monitored by a security operations center. Additionally, users receive surface encryption on professional endpoints, attend yearly cybersecurity and privacy awareness programs, and adhere to internal cybersecurity policies based on the ISO 27000 framework.

Full details of our security measures can be seen at https://coderpad.io/security/.

Since CoderPad was founded, we have been the industry leader in skills-based hiring. With our SOC2 certification, we’re now very happy to say we are the industry leader in customer and candidate data security, availability, and privacy. Of course, customer and candidate security needs will continue to evolve over time. CoderPad’s commitment now and in the future is to be the most secure platform while being the best solution for skills-based hiring in the world.