JetBrains Has Received Its SOC2 Audit Report
SOC 2 (Service Organization Control II) is a comprehensive audit framework developed by the American Institute of CPAs (AICPA). This framework assesses the controls a service organization has in place in terms of security, availability, processing integrity, confidentiality, and privacy.
A SOC 2 Type II report evaluates the design and suitability of these controls. This means an external auditor has looked at our systems and processes and confirmed that they are designed in accordance with the SOC2 requirements.
What is the audit scope?
The scope of audit in 2023 contained the following JetBrains products:
- YouTrack
- TeamCity
- Space
- Datalore
- Remote Development
- Code With Me
- Fleet
- JetBrains IDEs
- .NET & Visual Studio Tools
Where can we review the JetBrains’ SOC2 report?
The SOC2 report, along with other supporting documents, such as penetration testing reports, are available at our Trust Center. The Trust Center also shows the actual states of security controls in real time, as it’s part of the system we use to monitor our SOC2 compliance.
If you are interested in carrying out an assessment of JetBrains’ security posture, please request access to the Trust Center at https://trust-center.jetbrains.com/. Once your request is approved and an NDA is executed as a part of the access provision process, you’ll get access to all security-related documents we have shared.
The Trust Center FAQ page contains answers to the most common questions. If you have any other questions, please contact us at security-compliance@jetbrains.com.
What’s next?
First of all, as the SOC2 audits are annual, we’ll maintain and improve the security controls we already have in place to ensure we comply with the SOC2 requirements and the industry’s best practices.
We also plan to expand the scope of future audits to include more JetBrains products.