Our innovative digital twin software solution earns another year of third-party attestation for its enterprise-level security.

Prevu3D’s Security and compliance principles guide how we deliver our products and services, enabling people to access the digital world simply and securely.

We’re proud to continue achieving annual SOC 2 Type II compliance by the American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations, also known as SSAE 18. Achieving this standard with an unqualified opinion serves as third-party industry validation that Prevu3D provides enterprise-level security for customers’ data secured in the Prevu3D platform.

The audit was conducted by Prescient Assurance, a leader in security and compliance attestation for B2B and SAAS companies worldwide. Prescient Assurance is a registered public accounting firm in the US and Canada that provides risk management and assurance services, including, but not limited to, SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, and CSA STAR.

Security is an ongoing process that engages every member of the company across all levels. While we are proud to have the certification as validation, safeguarding customer data has always been and will continue to be our top priority.
-Security Lead, Prevu3D

Security as a company value

Secure Personnel
Prevu3D takes the security of its data and that of its clients and customers seriously and ensures that only vetted personnel are given access to their resources. We embed the culture of security into our business by conducting employee security training & testing using current and emerging techniques and attack vectors.

Secure Development
All Prevu3D projects follow secure development lifecycle principles. New products and major updates undergo security design reviews. Team members receive annual training in secure coding. Our development adheres to OWASP Top 10 recommendations for web application security.

Secure testing
We perform routine third-party penetration testing and vulnerability scanning on all production, Internet-facing, and new systems. Our approach involves internal security engineer-led testing and external assessments by third-party firms for a comprehensive evaluation. Additionally, we conduct static and dynamic security testing on all code, including open-source libraries, as part of our software development process.

Cloud Security
Prevu3D Cloud ensures maximum security with complete customer isolation in a modern, multi-tenant architecture. Leveraging the cloud service’s native security features, we rely on provider-maintained infrastructure and access policies. Customer data is isolated and protected through our layered approach, which includes encryption, monitoring, and role-based access controls, all managed by logical controls of our design.

Compliance
Prevu3D is committed to providing secure products and services to safely and easily manage billions of digital identities across the globe. Our external certifications provide independent assurance of Prevu3D’s dedication to protecting our customers by regularly assessing and validating the protections and effective security practices we have in place.

A trusted vendor of choice

An independent AICPA firm has assessed Prevu3D’s security, availability, processing integrity, confidentiality, and data privacy controls, confirming compliance with the Trust Service Criteria. The unqualified opinion on our SOC 2 Type II audit report assures both current and prospective customers that we uphold the highest standards in managing data security and compliance, establishing us as a trustworthy vendor of choice.

Maximize your reality capture data securely and efficiently, speak to our experts