Blog

Does Blue Sage conduct regular security audits?

Absolutely! We maintain a comprehensive security program with multiple layers of protection:

  • Annual SOC Compliance:
    • We undergo rigorous Type 1 & 2 SOC audits yearly
  • Ongoing Software Security:
    • Weekly DAST vulnerability testing via BurpSuite Enterprise
    • Regular SAST code quality checks using SonarQube & within developer IDE
    • Immediate ticketing and resolution of all discovered issues
  • Independent Verification:
    • Annual web application penetration testing against OWASP Top 10 vulnerabilities by independent third-party
    • Network penetration testing & CIS benchmark results
  • Proactive Protection:
    • Yearly risk assessments identify and address potential vulnerabilities
    • Annual disaster recovery and business continuity testing
    • Comprehensive monitoring through Amazon Security Hub with automated compliance checks

This multi-faceted approach ensures our platform maintains the highest security standards while promptly addressing any emerging threats.

Share this:
Lower costs. Boost productivity. Close more loans.

REQUEST DEMO