Deepwatch Trust Center

Trust and Security are at the foundation of our mission to protect and defend our customers, users, and data.

Want to request documents and learn more about our security posture?

Check out Deepwatch's Security Portal.

Trust and Security with Deepwatch Managed Security Services

The Deepwatch Trust Center provides the latest information on the security, compliance, privacy, and reliability of our products and services, including Managed Detection and Response, Vulnerability Management, and Endpoint Security. These are the standards established to build trust and meet the requirements of our customers.

Deepwatch Certifications

Deepwatch complies with a variety of industry-standard certifications, including SOC 2 Type II, PCI-DSS, and TRUSTe Enterprise Privacy and Data Governance.

Meet Your Compliance Requirements with Deepwatch

The Deepwatch suite of services can help you work in accordance with several compliance requirements including:

HIPAA
PCI Security Standards
GDPR
Sarbanes-Oxley

Security at Deepwatch

Deepwatch was designed from the ground up with security in mind. Below are a few of the controls our dedicated security team has implemented to ensure our services are secure.

Identity and Access Management

Deepwatch identities and credentials are issued and revoked by an automated process triggered by the onboarding of new employees in our Human Resources Information System (HRIS), which has custom role-based attributes pre-defined; access changes and terminations are managed via the same mechanism. Access to specific applications is managed by our Identity and Access Management (IAM) provider and is based on the role defined in our HRIS.

Single Sign-On and multi-factor authentication are required for all accounts that access the Deepwatch Platform. Additionally, identities and credentials are audited and verified on a quarterly basis in accordance with industry best practices.

Customer access is generated via the same mechanism. Federated customers are permitted to utilize their own password requirements and security controls.

Personnel Security

Deepwatch takes a multi-pronged approach to personnel security, including identity/citizenship verification, background checks, credit checks, and drug screenings. Each of these checks is performed by a third party prior to an employee's onboarding into the organization.

After onboarding, Deepwatch employees are bound by non-disclosure and confidentiality agreements and complete trainings on Sexual Harassment, Diversity and Inclusion, Anti-Discrimination, and Cybersecurity Awareness.

In addition, Deepwatch has implemented a comprehensive phishing program to raise awareness about the threat of phishing and social engineering.

Encryption

Data at Rest

All Deepwatch data is hosted in AWS, unless otherwise negotiated by the customer, and is isolated into customer-specific VPCs. This data is stored in AWS Elastic Block Store (EBS) volumes, EC2 instances, and S3 buckets, all of which are encrypted using keys managed by the AWS Key Management Service (KMS). Each instance uses AES-256 encryption.

Data in Transit

All Deepwatch employees connect to the production environment via a zero-trust application, which provides point-to-point, application-level access to customer resources. Customer data transmitted on the network is encrypted using Transport Layer Security (TLS) 1.2.

Endpoint Security

Laptops at Deepwatch are enrolled in an MDM solution and configured to a standard baseline that enforces various controls including, but not limited to, password requirements, device encryption, auto-lock/screensavers, and A/V and EDR tool deployment.

Cloud Solution Provider systems are configured based on established standards, which are deployed automatically via playbooks.

Risk Management Program

Deepwatch has established a risk management program including a formal risk management standard and a comprehensive risk register which includes input from numerous internal and external technical resources, tabletop exercises, audits, and other sources. The Risk Management Board meets at least quarterly to conduct risk assessments and review the risk register.

Governance

Deepwatch has a comprehensive suite of security policies, standards, and procedures covering topics including, but not limited to: Change Management, Data Classification, Asset Management, Incident Response, Privacy, and Third Party Risk Management. Each document is readily available on the company's intranet. All Deepwatch employees and contractors are accountable for reading, understanding, and adhering to the guidance set forth in the policies, and attest as such.

A governance structure for the Security, Risk, and Compliance (SRC) team at Deepwatch has also been established with our CIO/CISO as the executive leader responsible for overseeing the program. The SRC team is responsible for all tasks relating to Security Operations in addition to Governance, Risk Management, and Compliance; it works with stakeholders across the organization to attain its goals.

Security Testing

Deepwatch aims to reduce the risk of security bugs and other vulnerabilities via vulnerability assessments, penetration tests, and code reviews. The findings from each of these activities are used to inform

Vulnerability Assessment

Deepwatch currently performs internal vulnerability scans on a daily basis, which necessarily includes scanning after significant changes to the Deepwatch networks. Vulnerability management (VM) agents are installed as part of our default configuration on both laptops and servers.

Penetration Testing

Deepwatch utilizes both internal resources and independent third-party penetration testing firms to conduct internal and external penetration testing on its system components. The testing included an External Penetration Test of internet-facing network assets and Internal and Segmentation Penetration Tests for Deepwatch's Cloud SecOps Platform Services environment.

Code Reviews

Deepwatch conducts code reviews via a continuous integration process on every merge into a branch across all repositories. Code is tested (via static and dynamic analysis, unit, integration, functional, performance, and security testing) throughout every step of the development process.

In addition, we engage third party auditors and penetration testers to perform security reviews on our products.

Physical Security

Deepwatch has a limited physical presence due to its nature as a remote-first organization. Staff with a valid business case and role are granted access to the facilities they require to perform their job via a centrally managed access control system. In addition, Deepwatch maintains CCTV Surveillance Systems and visitor controls in each office.

Deepwatch's SecOps platform and associated technologies are all hosted with cloud infrastructure providers, each of which maintains SOC 2 Type II and ISO 27001 certifications, among others, to affirm their physical security posture.

Privacy at Deepwatch

Security and privacy are core concerns at Deepwatch. Wherever possible, Deepwatch minimizes the data required to deliver our service; where this is not possible, we incorporate industry best practices, contractual mandates, and other legal and regulatory requirements to ensure that your data stays confidential, secure, and unaltered.

Additional details about our privacy practices, the data we collect, and related items can be found in our Privacy Policy.

Staff

As part of our commitment to Privacy, Deepwatch retains two PECB-certified Data Protection Officers on staff full-time. These individuals, including the Data Protection Officer (DPO), are responsible for all aspects of the Privacy Program including responding to Data Subject Rights requests and maintaining the Record of Processing Activity.

Record of Processing Activity (ROPA)

Deepwatch has created and maintains a Record of Processing Activity (ROPA). This ensures we handle the data we process responsibly and transparently, and keep data processing to the minimum necessary.

Reliability at Deepwatch

Deepwatch recognizes the importance of its Cloud SecOps Platform to our customers' businesses and commits to delivering products and services that are stable and secure at all times.

Deepwatch Cloud Hosting

Deepwatch takes advantage of the scalability and redundancy of AWS and other best-in-class technologies to ensure our infrastructure is consistently available and performing optimally for our customers.

Real-Time Status

To stay informed on the performance of the Deepwatch Cloud SecOps Platform, visit the Deepwatch Status Page, which provides the real-time and historical status of the platform and the scheduled maintenance of the products that make up our platform. Customers can subscribe to this page to receive updates via email whenever it is updated.

Guaranteed Availability

We offer a credit-backed SLA for both uptime (99.9%) and Initial Response and Update so you can focus on your core business processes. Details can be found here.

Vulnerability Disclosures

Deepwatch appreciates individuals who responsibly disclose any suspected vulnerabilities to our security team. If you believe you have discovered a vulnerability in Deepwatch's website or platform, please get in touch by sending an email to [email protected] with the findings and the website(s)/platform(s) that are impacted. We ask that you not disclose any information publicly until the issue has been addressed.

We Have Answers

Frequently Asked Questions

Learn how Deepwatch addresses your most important security questions.

Have responsibilities been defined for both Deepwatch and customers?

Deepwatch has documented the responsibilities between the customer and itself for each of our products. These documents can be obtained from your assigned Customer Success Manager (CSM).

Are all Deepwatch employees US-based?

Yes. All Deepwatch employees are US-based.

Can Deepwatch assist my company with responding to an Individual Rights Request?

Yes! In the event that Deepwatch is a party to an Individual Rights Request, we are happy to assist. Connect with your CSM, who will reach out to the privacy team.

Does Deepwatch have any plans to certify with HIPAA or HITRUST standards?

While there is no real "certification" for HIPAA compliance, Deepwatch does align its security and privacy program to the HIPAA Security Rule and the HIPAA Privacy Rule. Due to our status as an IT Security Service Provider, Deepwatch is legally prohibited from accessing the HITRUST Cyber Security Framework and becoming a Licensee.

Who has access to our data?

Customer data is accessible to only those who are responsible for providing our products and services; we do not sell customer data to third parties under any circumstances. For more information, please see our Privacy Policy.

What audit rights do customers have as a data controller?

Keeping in line with common industry practices, Deepwatch invites its own internal and external auditors to regularly undertake audits against a variety of standards and frameworks as mentioned above. The results of these audits can be shared with customers via their CSM.

Does Deepwatch handle BAAs?

While we understand some customers may be a covered entity, Deepwatch is not a "business associate" as defined under HIPAA, because Deepwatch does not help carry out any health care activities or functions on behalf of our customers. Deepwatch does not furnish, bill, or receive payment for healthcare, nor do we transmit or process any covered transactions as described under the CMS guidelines. We take privacy and confidentiality seriously, and our SOC 2 Type II and TRUSTe certifications speak to our security hygiene and compliance with HIPAA requirements. It is important to understand that customers are in control of the data logs filtered and transmitted to Deepwatch for analysis, and such logs should never include any PHI or other HIPAA-related material.

For more information on Security and Privacy at Deepwatch, contact our team.
