Security Is Integral To Everything We Do

At Valence, we’re dedicated to helping companies trust their third-party vendors and ensure SaaS-to-SaaS supply chain access is properly managed and secured. Therefore, when it comes to our own SaaS platform, safeguarding customer data and maintaining customer trust is a top priority.

From our earliest days, we incorporated data protection, availability and integrity to the core of our operations.

This comes into effect into ensuring compliance early on with industry standards such as SOC 2 Type II, but also taking the extra mile to ensure security is embedded into everything we do. We have certifications, processes, and audits in place to ensure security, uptime, and deliverability. These certifications, penetration testing summaries, etc. are available upon request for Valence customers.

Valence- SOC 2 Type II Compliance- Valence security

SOC 2 Type II Compliance

To ensure our platform could be trusted by global security teams, we ensured that from day 1, our Valence SaaS mesh security platform was built with high security standards and a security mindset. Therefore, Valence completed a SOC 2 Type II attestation which was performed by external auditors and periodically assessed to ensure ongoing compliance.

The SOC 2 Type II compliance ensures that Valence’s risk management, software development and security practices meet AICPA’s Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality or Privacy.

Infrastructure Security

AWS- SaaS-to-SaaS supply chain security- Valence security

AWS cloud hosting - subject to the high compliance standards

SaaS-to-SaaS supply chain security- Valence security

Hardened operating systems (OS)

SaaS-to-SaaS supply chain security- Valence security

Cloud runtime protection

SaaS-to-SaaS supply chain security- Valence security

Cloud assets vulnerability scanning

SaaS to SaaS Supply Chain Security

Data Protection and Privacy

SaaS to SaaS Supply Chain Security

Logical tenant separation

SaaS to SaaS Supply Chain Security

IAM Identity and permission per tenant

SaaS to SaaS Supply Chain Security

Separate database, storage and secrets per tenant

SaaS to SaaS Supply Chain Security

Encryption in-transit and encryption at-rest

SaaS to SaaS Supply Chain Security

Application Security

SaaS to SaaS Supply Chain Security

Annual external penetration testing - zero findings left open

SaaS to SaaS Supply Chain Security

Vulnerability scanning (source code, dependencies and containers)

SaaS to SaaS Supply Chain Security

Strict Content Security Policy

SaaS to SaaS Supply Chain Security

Change management & Secure Development Lifecycle (secure SDLC)

SaaS to SaaS Supply Chain Security

IT Security

SaaS to SaaS Supply Chain Security

Valence personnel least privilege (need-to-work basis) access to data

SaaS to SaaS Supply Chain Security

Continuous asset and patch management

SaaS to SaaS Supply Chain Security

Multi-factor authentication (MFA) and single sign-on (SSO) access

SaaS to SaaS Supply Chain Security

Security monitoring, incident response and Vendor risk management

SaaS to SaaS Supply Chain Security

Assess Your SaaS to SaaS Supply Chain

What Risks Are Lurking in Your Shadow Third-party SaaS Integrations?
Free Assessment