Skip to content
Cased Documentation

Security Overview

Learn about Cased's security practices, compliance certifications, and deployment protection measures

Compliance Certifications

Section titled “Compliance Certifications”

SOC 2 Compliance

Section titled “SOC 2 Compliance”

Cased is committed to maintaining the highest security standards:

  • SOC 2 Type I: Completed
  • SOC 2 Type II: In progress

Our SOC 2 compliance demonstrates our commitment to:

  • Security
  • Availability
  • Process Integrity
  • Confidentiality
  • Privacy

SOC 2 reports are available to customers under NDA.

Security Features

Section titled “Security Features”

Authentication & Access Control

Section titled “Authentication & Access Control”
  • Google Workspace SSO integration
  • Fine-grained access controls
  • API token management
  • Session security

Deployment Security

Section titled “Deployment Security”
  • Required approvals for sensitive environments
  • Branch protection rules
  • Deployment queues
  • Automated rollbacks
  • Health monitoring

Infrastructure Security

Section titled “Infrastructure Security”
  • All data encrypted at rest and in transit
  • Regular security updates
  • Infrastructure as code
  • Automated security scanning

Monitoring & Auditing

Section titled “Monitoring & Auditing”
  • Comprehensive audit logs
  • Deployment tracking
  • Access monitoring
  • Real-time alerts

Security Best Practices

Section titled “Security Best Practices”

Access Management

Section titled “Access Management”

  1. Principle of Least Privilege

    • Grant minimal required permissions
    • Regular access reviews
    • Automated access revocation

  2. Authentication

    • Use Google Workspace SSO
    • Rotate API tokens regularly
    • Monitor authentication attempts

  3. Deployment Safety

    • Configure approval requirements
    • Set up branch protection
    • Enable automated rollbacks
    • Monitor deployment health

Audit & Compliance

Section titled “Audit & Compliance”

  1. Audit Logs

    • All actions are logged
    • Immutable audit trail
    • Searchable history
    • Export capabilities

  2. Compliance Controls

    • Access reviews
    • Change management
    • Incident response
    • Risk assessments

Data Protection

Section titled “Data Protection”

Data Security

Section titled “Data Security”
  • All data encrypted at rest using AES-256
  • TLS 1.2+ required for all connections
  • Regular security assessments
  • Automated vulnerability scanning

Data Privacy

Section titled “Data Privacy”
  • Data minimization practices
  • Privacy by design
  • GDPR compliance
  • Data retention policies

Security Reporting

Section titled “Security Reporting”

Vulnerability Reporting

Section titled “Vulnerability Reporting”

If you discover a security vulnerability, please report it to:

  • Email: security@cased.com
  • Response time: Within 24 hours
  • Bounty program available for qualifying reports

Incident Response

Section titled “Incident Response”

  1. 24/7 Monitoring

    • Real-time threat detection
    • Automated alerts
    • Incident tracking

  2. Response Process

    • Immediate triage
    • Customer notification
    • Root cause analysis
    • Remediation tracking

Enterprise Security Features

Section titled “Enterprise Security Features”

Single Sign-On (SSO)

Section titled “Single Sign-On (SSO)”
  • Google Workspace integration
  • SAML 2.0 support
  • Just-in-time provisioning
  • Group sync

Audit & Compliance

Section titled “Audit & Compliance”
  • Detailed audit logs
  • Compliance reporting
  • Custom retention policies
  • Export capabilities

Advanced Security Controls

Section titled “Advanced Security Controls”
  • IP allowlisting
  • Session management
  • API access controls
  • Custom security policies