BigHat Biosciences validates best-in-class security posture with spotless SOC2 audit

SAN MATEO, CA - September 29, 2022 – BigHat Biosciences announces that the company successfully maintains effective controls over the security, availability and confidentiality of data in Reccy, BigHat’s Laboratory Infrastructure Management System (LIMS), as per the System and Organization Controls (SOC2, type 2) examination and report. A SOC2 report is designed to assure existing or potential partners that effective controls are in place to securely process sensitive information. The issued report indicated that BigHat successfully maintains effective controls over the security, availability and confidentiality of our platform.

“Our internal and partnered drug development programs rely on the quality of our integrated database of antibody sequences and biophysical and functional readouts,” according to Mark DePristo, BigHat’s Chief Executive Officer. “This SOC2 certification confirms our commitment to industry-leading data security and integrity controls.”

“Our infrastructure, CICD and code review process have been built from the ground up on high quality, cloud-native best practices. We’re proud of how securely we’ve constructed our systems and the high service availability we have been able to guarantee. Getting through our SOC2 audit was a very streamlined process thanks to this. Kudos to our excellent SOC2 partners, Vanta and Barr, for providing great support every step of the way,” added Eddie Abrams, BigHat’s Vice President of Engineering.

The following principles and related criteria have been developed by the American Institute of CPAs (AICPA) for use by practitioners in the performance of trust services engagements:

  • Security: The system is protected against unauthorized access (both physical and logical).
  • Confidentiality: Information designated as confidential is protected as committed or agreed.
  • Availability: The system is available for operation and use as committed or agreed.

A SOC2 report is an internal control report on the services provided by a service organization to its customers and provides valuable information that existing and potential customers of the service organization need to assess and address the risks associated with an outsourced service. The SOC2 engagement was performed by BARR Advisory, P.A. in conjunction with Vanta, a SOC2 compliance automation solution.