Certification of Compliance

We have two Security Operations Center (SOC) certifications and a FIPS certificate for a Cryptographic Module.

SOC 2 Type II

Spectro Cloud is certified against SOC2 Type II, compliance with the AICPA’s (American Institute of Certified Public Accountants) TSC (Trust Services Criteria).

• Spectro Cloud SOC 2 Type II audit report assures our organization’s:
  • Security
  • Availability
  • Processing integrity
  • Confidentiality
  • Privacy
• SOC 2 audits are an important component in regulatory oversight, vendor management programs, internal governance, and risk management.
• These reports help the users and their auditors to understand the Spectro Cloud controls established to support operations and compliance.
• The annual certification of SOC2 is Independent 3rd Party Auditor.
• Spectro Cloud SOC 2 Type II report is available upon request for any customers or prospects with signed MNDA.

FIPS 140-2

Spectro Cloud is certified against FIPS 140-2 with Certificate number 4349 in compliance with the Cryptographic Module Validation Program (CMVP).

Our Spectro Cloud Cryptographic Module is a general-purpose cryptographic library. The FIPS-enforced Palette VerteX edition incorporates the module in the Kubernetes Management Platform and the infrastructure components of target clusters to protect the sensitive information of regulated industries. Palette VerteX supports FIPS at the tenant level. For more information about the FIPS-enforced Palette edition, check out Palette VerteX.

The module is tested against these configurations:

• Red Hat Enterprise Linux 8 on Dell PowerEdge R440 with Intel Xeon Silver 4214R with and without PAA
• SUSE Linux Enterprise Server 15 on Dell PowerEdge R450 with Intel Xeon Silver 4309Y with and without PAA
• Ubuntu 18.04 on Dell PowerEdge R450 with Intel Xeon Silver 4309Y with and without PAA
• Ubuntu 20.04 on Dell PowerEdge R450 with Intel Xeon Silver 4309Y with and without PAA