all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SOC 2 Reports and Penetration Tests

Add to bookmarks
c
Jan. 31, 2024, 6:07 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by MJD.Written by Mike DeKock, CPA. We get asked a lot about whether penetration testing is required to complete a SOC 2 report. The short version of the answer is “no” - there are no explicit requirements for penetration testing (or any controls) within a SOC 2 report. The longer version is nuanced but generally gets answered by asking a few questions: Do you have any customer contracts requiring a penetration test? If yes, then it’s required. Granted, …

controls explicit lot penetration penetration testing penetration tests report reports requirements soc soc 2 testing tests version written

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
Navigating the Cloud – Beyond “Best Practices” 1 day, 11 hours ago | cloudsecurityalliance.org
architectures best practices beyond businesses +17
Cl
Defining Cloud Key Management: 7 Essential Terms 1 week ago | cloudsecurityalliance.org
access access control breaches cloud +26
Cl
How DSPM Can Help Solve Healthcare Cybersecurity Attacks 1 week ago | cloudsecurityalliance.org
access access controls article attacks +41
Cl
Considerations When Including AI Implementations in Penetration Testing 1 week ago | cloudsecurityalliance.org
application artificial artificial intelligence ask +15
Cl
Five Reasons Why Ransomware Still Reigns 1 week ago | cloudsecurityalliance.org
ben ciso consent cxo +15
Cl
DevSecOps Tools 1 week ago | cloudsecurityalliance.org
code code management development devops +18
Cl
Livin' on the Edge: Linux's Impact on Computing 1 week, 1 day ago | cloudsecurityalliance.org
attitudes automox changing ciso +16
Cl
Your Ultimate Guide to Security Frameworks 1 week, 2 days ago | cloudsecurityalliance.org
breaches build business customers +13
Cl
The Future of Cloud Cybersecurity 1 week, 2 days ago | cloudsecurityalliance.org
businesses ceo cloud cloud computing +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs