December 8, 2022

Created by the International Organization of Standardization, ISO/IEC 27001 includes more than 100 requirements for establishing, implementing, maintaining and continually improving an information security management system. Only organizations that have gone through a rigorous audit process, proven that they have reviewed the risks unique to their business, and created robust procedures to monitor and address risks in a detailed, efficient manner are awarded an ISO/IEC 27001:2013 certification.

“Ermetic is committed to providing our customers the most advanced cloud security capabilities, which includes exceeding industry standards and best practices for protecting our platform from threats,” said Michael Dolinsky, CTO of Ermetic. “In addition to ISO/IEC 27001:2013, the Ermetic platform has also achieved SOC 2 Type II certification. Both of these attestations provide customers the confidence of knowing that our internal controls meet the most stringent information security requirements for data protection and privacy.”

The Ermetic CNAPP provides holistic cloud infrastructure security that reveals and prioritizes security gaps in AWS, Azure and GCP, and enables organizations to remediate them immediately. From full asset discovery and deep risk analysis to runtime threat detection and compliance, Ermetic automates complex cloud security operations through meaningful visualization and step-by-step guidance. Using an identity-first approach, Ermetic dramatically reduces the cloud attack surface and enforces least privilege at scale.