Cofense Logo - Email Security Solutions

PhishMe is SOC 2 compliant. Here’s how that helps you.

Share Now


Information security is important to everyone, in particular organizations that outsource operations to third-party vendors (like SaaS or cloud-computing providers). If data isn’t handled securely, an organization’s risk of exposure to data theft, extortion and malware increases dramatically.

For extra security assurance, PhishMe has been certified as a Service Organization Controls (SOC) 2 Type I environment with regard to security, availability and confidentiality. Our certification applies to our PhishMe Simulator® and the hosted PhishMe TriageTM product lines, which help organizations address the human sources of risk associated with phishing attacks. Coalfire Controls, LLC, an independent CPA firm, conducted the audit.

What SOC 2 Compliance Is

SOC 2 is an IT auditing standard designed to evaluate your service provider’s ability to securely manage your data. Created by the American Institute of CPAs (AICPA) for companies in the technology and cloud computing sectors, SOC 2 compliance is the premiere industry standard in data security.

What It Means

We earned SOC 2 status because we maintain policies and processes designed to safeguard customer data. To gain this certification, PhishMe underwent a rigorous analysis that included the following trust services criteria: security, availability, processing integrity, confidentiality and privacy.

For security-conscious businesses, SOC 2 compliance is a minimal requirement when considering a SaaS provider.

Learn More

Visit the AICPA for full details on SOC 2 compliance and how it helps to improve security controls.


We use our own and third-party cookies to enhance your experience by showing you relevant content, personalizing our communications with you, and remembering your preferences when you visit our website. We also use them to improve the overall performance of our site. You can learn more about the cookies and similar technology we use by viewing our privacy policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.

This site is registered on as a development site.