MainStem
Security

MainStem provides trust in internet businesses by enabling companies to manage their supply chain on a secure, compliant platform and improve their posture with their customers, prospects, and partners.

Looking to report a security concern? Please visit our Responsible Disclosure page.

Security Program Highlights

MainStem takes data security seriously. We encrypt data at rest and in transit for all of our customers. We use a variety of third-party tools, auditors, and services to provide best-in-class security for our entire user base on the MainStem platform.

SOC 2 Type 2

In 2022, MainStem successfully completed a SOC 2 Type 2 audit conducted by Prescient Assurance, reaffirming our commitment to the highest standards of data security and privacy. SOC 2 compliance goes beyond financial reporting, focusing on critical trust service principles (TSP) such as security, availability, processing integrity, confidentiality, and privacy. This certification demonstrates our dedication to maintaining robust controls and safeguarding sensitive information.

Annual Pen Testing

MainStem regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, the running application, and the deployed environment. MainStem also uses high-quality static analysis tooling provided by GitHub Advanced Security, such as CodeQL, secret scanning, and Dependabot, to secure our product at every step of the development process.