Press Release

ThousandEyes Successfully Completes SOC 2 Type 2 Attestation Reaffirming Commitment to Data Protection

March 24, 2016
Company obtains SOC 2 Type 2 audit report and TRUSTe Trusted Cloud and Privacy Certifications ThousandEyes, the network intelligence company that delivers visibility into every network, today announced completion of the Service Organization Controls (SOC) 2 Type 2 audit highlighting the company's commitment to customer data security. ThousandEyes' privacy practices regarding collection and use of personal information on the company's websites and apps were also re-certified for compliance with international privacy regulations by TRUSTe, the leading global Data Privacy Management company, through TRUSTe's Privacy Certification programs.

"Many of our customers are multinational Fortune 500 and Global 2000 companies with offices around the world. They need technology partners with robust information security and privacy management systems to minimize risks and retain compliance with laws, regulations and internal policies. This attestation is validation of our platform and our security management system," said Alexander Anoufriev, chief information security officer at ThousandEyes. "Our emphasis on security is one of the reasons that four of the top six U.S. banks and 24 of the Fortune 500 use ThousandEyes for network intelligence."

Completion of attest engagement using AT Section 101 standard and availability of the SOC 2 Type 2 report is the result of a continuous audit conducted to ensure the proper operation of security controls, which amounted to more than 150 tests over a six-month period. ThousandEyes demonstrated excellence among software as a service (SaaS) providers with a report that contained no exceptions or notes, showing remarkable data security controls and operations. The report and testing, conducted by the independent firm Schellman (formerly BrightLine CPAs & Associates), supersedes the SOC 2 Type 1 report that ThousandEyes received in September 2015, which tested the suitability of the company's design of security controls whereas SOC 2 Type 2 also verifies operating effectiveness.

In the report, Regulatory Compliance Alone Cannot Mitigate Cloud Vendor Risks, published by Gartner, written by Gayla Sullivan, Jay Heiser and Rob McMillan on February 9, 2016, it recommends that customers should regularly "obtain annual audit reports, such as the vendor's SOC 2 report, and confirmation of critical certifications, for example, ISO 27001: Information Security Management." The report adds, "Attach these certificates and attestations to the cloud vendor's risk profile each year as they are received."

Since being founded, protecting the security and privacy of customer data has been a top priority for ThousandEyes. The company has built a solid management foundation through adoption of the widely recognized and respected ISO/IEC 27001 standard for their information security management system. The ThousandEyes privacy management system is based on the Safe Harbor Framework.

For more information about ThousandEyes' commitment to security, visit ThousandEyes ThousandEyes is a Network Intelligence platform that delivers visibility into every network an organization relies on, enabling them to optimize and improve application delivery, end-user experience and ongoing infrastructure investments. Leading companies such as ServiceNow and Twitter, as well as eBay and other members of the Fortune 500, use ThousandEyes to improve performance and availability of their business-critical applications. ThousandEyes is backed by Sequoia Capital, Sutter Hill Ventures, Tenaya Capital and GV (formerly Google Ventures), and has headquarters in San Francisco, CA. For more information, visit or follow us on Twitter at @ThousandEyes. Media and Analyst Contact: Carol Carrubba
Highwire PR