Common
Things to assess
As a B2B cloud SaaS platform, what security certificates do we need? Check the 10 RFPs shared by Nitha...
Certifications and Frameworks
Understanding the Difference: Certifications → Issued by an accredited third party after an audit....
Environment Scope: Environments which are part of the audit
1. Primary focus = “In-scope systems”: Production environment (AWS in our case) will definitely be ...
Technical Requirements in an RFP
Technical Requirements (West Jordan Utah): Must be hosted in a U.S.-based data center. Data encryp...
Product Security Onboarding
1. What is “Product Security” in SaaS? Protecting customer data from breaches, misuse, or accident...
Compliance Vendors
Key Parameters for Selecting a SOC 2 Compliance Vendor: Speed / Time to Compliance; Cost & Pricing Tr...
Product Security Sync - 2
A. Certifications Available in the Market (Audited, Formal Certificates): SOC 2 Type II – U.S. SaaS...
Post Certification
1. Handle the SOC 2 Report with Care - ADVISED NOT TO MAKE PUBLIC. Treat it as confidential. Share ...
Feedback Points on 14 Aug 2025
A - Available options in the market for certs; B - Available options in the market for frameworks; C ...
Stages
Ideation & Awareness: Understand product security ✅ Discussion: GD (business impact), Nilesh (feasi...
Product Sec Sync 2 Feedbacks
Vendor Reachout Process ✅ Reachout - how will we be reaching out to them, background, questionnaires, ...
Compliance Controls - Philadelphia RFP
Monitoring - The system has the ability to be monitored to provide metrics that can prevent outag...