BigID Compliance

Our compliance program includes independent assessments of our products against several industry and regulatory frameworks, including SOC 2, ISO 27001, PCI, and others.

Our Compliance Approach

At BigID, we prioritize compliance with all relevant laws and regulations in the jurisdictions where we operate. We understand the importance of meeting these standards to protect your data.

If you have any questions regarding our compliance practices, you've come to the right place. Our goal is to provide you with clear and concise information to address any concerns you may have.

Certifications and Attestations


BigID engages a third-party auditor to independently assess our compliance.



BigID’s SOC 2 Type 2 report covers the Security, Availability, Confidentiality, and Privacy Trust Principles and also includes an assessment against the HIPAA Security Rule.



BigID engages a third-party auditor to independently assess our compliance.


FIPS 140-2

BigID’s code base has been evaluated by an independent third-party lab to validate compliance with NIST-defined requirements.

Standards and Assessments


Standardized set of questions designed to collect essential information about an organization's security and privacy practices.



Standardized questionnaire developed by the Cloud Security Alliance (CSA) to gather information about a cloud service provider's security controls and practices.


Software Bill of Materials

A document or inventory that provides a detailed list of all the software components and dependencies used in building a particular software application or system.


Cloud Security Alliance

The first level of certification within the Cloud Security Alliance (CSA) Security, Trust, Assurance, and Risk (STAR) program.
