Trust Center

Start your security review
ControlK

Overview

Second Front Systems' Security Trust Center is our central hub for transparency and information regarding our robust security posture. It's designed to provide customers, partners, and stakeholders with a clear and comprehensive view of the measures we take to protect data, ensure system integrity, and maintain compliance with industry standards. Here, you'll find detailed documentation on our security policies, compliance certifications, and operational controls, including our FedRAMP authorization, which demonstrates our commitment to meeting the rigorous security requirements of the federal government. Our goal is to build and maintain trust through open communication about our security practices, giving you the confidence that your information is secure with us.

Compliance

DoD IL2 Logo
DoD IL2
DoD IL4 Logo
DoD IL4
DoD IL5 Logo
DoD IL5
DoD IL6 Logo
DoD IL6
FedRAMP High Logo
FedRAMP High
GovRAMP Logo
GovRAMP
NIST 800-53 Rev. 5 Logo
NIST 800-53 Rev. 5
NIST 800-171 Rev. 2 Logo
NIST 800-171 Rev. 2
CMMC Logo
CMMC
SOC 2 Type 1 Logo
SOC 2 Type 1
SOC 2 Type 2 Logo
SOC 2 Type 2
ISO/IEC 27001:2022 Logo
ISO/IEC 27001:2022
Cyber Essentials Plus Logo
Cyber Essentials Plus
Cyber Essentials Logo
Cyber Essentials
FIPS 140-2 Logo
FIPS 140-2
FIPS 140-3 Logo
FIPS 140-3
C5 Logo
C5
AWS Qualified Software Logo
AWS Qualified Software

Second Front is reviewed and trusted by

Department of Defense 🇺🇸-company-logoDepartment of Defense 🇺🇸
DefenseInnovationUnit-company-logoDefenseInnovationUnit
AFWERX-company-logoAFWERX
USSOCOM-company-logoUSSOCOM
Cohere-company-logoCohere
DailyPay-company-logoDailyPay
Decision Lens-company-logoDecision Lens
EDB-company-logoEDB
Epoch Concepts-company-logoEpoch Concepts
Gecko Robotics-company-logoGecko Robotics
Saab-company-logoSaab
Leidos-company-logoLeidos

Documents

COMPLIANCECyber Essentials Plus
COMPLIANCESOC 2 Type 1

Subprocessors

Product Security

Audit Logging
Data Security
Multi-Factor Authentication
View more

Data Security

Access Monitoring
Data Backups
Encryption-at-rest
View more

Legal

SubprocessorsAmazon Web Services (AWS)-company-logoGoogle Workspace-company-logoGoogle Cloud-company-logoOkta-company-logoSlack-company-logo
Cyber Insurance
Master Services Agreement
View more

Reports

Network Diagram
Pentest Report
Security Whitepaper
View more

Risk Profile

Data Access LevelRestricted
Recovery Time Objective24-48 hours
Recovery Point Objective24-48 hours
View more

Data Privacy

Cookies
Data Privacy Officer
Data Protection Impact Assessment (DPIA)
View more

Infrastructure

Status Monitoring
Amazon Web Services
Anti-DDoS
View more

Endpoint Security

Anti-Malware
Disk Encryption
DNS Filtering
View more

Network Security

Data Loss Prevention
Distributed Denial of Service Protection (Anti-DDoS)
DNSSEC
View more

Corporate Security

Asset Management Practices
Email Protection
Employee Handbook
View more

Security Grades

Qualys SSL Labs
secondfront.com
A
Security Headers
secondfront.com
A

Incident Response

Designated Response Personnel
Incident Reporting Process
Security Operations Center (SOC)

Asset Management

Asset Classification
Asset Inventories (Hardware/Software)
Asset Tracking
View more

BC/DR

Alternate Processing/Storage Site
Business Continuity Management System (BCMS)
Business Continuity Plan (BCP)
View more

Training

Employee Privacy Training
Phishing Training
Role-Based Training
View more

Change Management

Change Advisory Board (CAB)
Change Management Program
Changes Notification & Verification
View more

Continuous Monitoring

Automated Alert Response
Automated Compliance Monitoring
Data Loss Prevention System (DLP)
View more
Knowledge Base (FAQ)
  • HQ Address
  • Please provide the organization's Privacy Policy.
  • Does your organization have a Risk Management Policy?
  • Does your organization have an Access Control Policy?
  • Does your organization have a Software Development Lifecycle Policy?
View more
Built onSafeBase by Drata Logo