PKWARE Trust Center
Fiserv
JPMorgan Chase & Co.
Truist
Western UnionAs a provider of sensitive data discovery and remediation tools, PKWARE’s priority is to maintain a safe, secure, and compliant environment for hosted applications it provides to customers as well as providing secure development, professional, and support engineering services. To ensure the highest level of security and compliance, PKWARE is continually investing in our overall information security program, resources, and expertise.
We understand the importance in providing clear information about our security practices, tools, resources and responsibilities within PKWARE so that our customers can feel confident in choosing us as a trusted service provider.
Within this portal, we provide various information about our compliance controls, policies, practices, and evidence for your varying risk assessment and assurance activities. PKWARE is committed to transparent and open communication in order to provide you with the ability to make accurate decisions when it comes to your own data security.
Training
Training
We provide recurring security awareness training to all employees to ensure that they are aware of security best practices. This training includes regular phishing tests, rotating cyber security topics, and secure application development training including OWASP Top 10.
PKWARE Achieves SOC 2 Type II Certification
We’re proud to announce that PKWARE has successfully achieved SOC 2 Type II certification, demonstrating our ongoing commitment to the highest standards of security, availability, and confidentiality in the protection of customer data.
This independent audit, conducted by a third-party firm, validates that our policies, controls, and operational practices are designed and operating effectively over time to safeguard sensitive information. The audit covered critical aspects of our SaaS infrastructure, internal security processes, and organizational controls to ensure continuous compliance with the AICPA Trust Services Criteria.
What This Means for Our Customers
- Verified Security and Compliance: Independent validation that PKWARE’s security controls are robust and effective.
- Ongoing Commitment: SOC 2 Type II certification evaluates control effectiveness over an extended period, reflecting our dedication to maintaining strong operational discipline.
- Customer Confidence: Our customers can trust that their data is managed with the highest level of security and integrity.
Looking Ahead
Security and compliance are foundational to our mission. We will continue to invest in process improvements, transparency, and regular third-party audits to ensure that PKWARE remains a trusted partner for sensitive data discovery, protection, and compliance.
For more details or to request a copy of our latest SOC 2 Type II report, please visit our [Trust Center]
Security Update: No Impact from Salesloft Drift Salesforce Vulnerability
We are aware of the Salesloft-Drift Salesforce integration vulnerability and related data breaches that took place. PKWARE does not use the Salesloft Drift integration. At no time was our Salesforce data exposed through this tool.
For further information see the vendor's published disclosure:
https://trust.salesloft.com/?uid=Drift%2FSalesforce+Security+Update
Security Update: No Impact from SharePoint Vulnerability CVE-2025-53770
We are aware of the recently disclosed Microsoft SharePoint vulnerability, CVE-2025-53770. After a thorough review, we can confirm that this vulnerability does not impact our systems or services.
Our environments do not utilize the affected SharePoint components or versions, and no customer data or operations are at risk as a result of this issue.
We remain committed to monitoring emerging threats and maintaining the security of our platform.
PKWARE Achieves SOC 2 Type I Certification
We are pleased to share that PKWARE has successfully achieved SOC 2 Type I certification for our PK Protect service—an important milestone in our ongoing commitment to enterprise-grade security and data protection.
This independent audit, conducted by a licensed CPA firm (Sensiba), evaluated our controls as they relate to the Security, Confidentiality, and Availability of customer data. The report verifies that, as of February 2025, our internal systems, processes, and safeguards are designed and implemented to meet the strict standards defined by the AICPA’s Trust Services Criteria.
What This Means for Our Customers
- Security: Systems are protected against unauthorized access and threats.
- Confidentiality: Sensitive data is handled and protected according to contractual and regulatory requirements.
- Availability: Systems are operationally resilient and available for use as committed.
We understand the importance of trust in B2B partnerships. Achieving SOC 2 Type I is a key part of our larger security roadmap, which includes our pursuit of SOC 2 Type II to demonstrate the ongoing effectiveness of these controls over time.
📄 A copy of this report is available on our Trust Center.
PKWARE is scheduled for a SOC 2 Type II Audit Observation Period from June 1, 2025 – August 30, 2025. A SOC 2 Type II report will be shared with our customers on our Trust Center shortly therafter.
- Does PKWARE host or have access to my sensitive data?
- How does PKWARE secure and manage the exchange of troubleshooting and debug files with customers?