Security
Safe and Secure
with Scend
Scend is built from the ground up with enterprise-grade security at the core.
View Trust ReportGovernance
Scend's teams establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors.
Our policies are based on the following foundational principles:
01.
Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege.
02.
Security controls should be implemented and layered according to the principle of defense-in-depth.
03.
Security controls should be applied consistently across all areas of the enterprise.
04.
Implementation should be iterative, continuously maturing for greater effectiveness, auditability, and decreased friction.
Data and Product Protections
Penetration Testing
Scend engages with one of the best penetration testing consulting firms, Red Sentry, in the industry at least annually.
Vulnerability Scans
Scend requires vulnerability scanning at key stages of our Secure Development Lifecycle (SDLC), including network vulnerability scanning on a periodic basis.
Data at Rest
All datastores with customer data, in addition to S3 buckets, are encrypted at rest. Additionally, sensitive data is protected with field-level encryption.
Data in Transit
Scend uses TLS 1.2 or higher everywhere data is transmitted over potentially insecure networks.
Industry Standards and Certificates
We regularly work with independent experts to verify our security, privacy, and compliance controls.
(pending)