Exto Earns VAPT Certification

Data security remains critical as more companies use web solutions to integrate construction data and connect teams. We are pleased to announce that Exto has achieved vulnerability assessment and penetration testing (VAPT), a comprehensive security test that confirms Exto software is designed and operates securely.

“The VAPT certification reflects Exto’s commitment to maintaining the security of our work management solutions,” said Jason Mennig, Exto CEO. “VAPT is a rigorous process that proves the software is resilient against potential breaches. It tests the vulnerability within an IT environment, the penetration of potential breaches, a series of simulated attacks, and proactive vigilance as new cyber threats arise.”

Mennig continued, “we see security not as a destination but rather a journey. VAPT certification is part of our ongoing efforts to ensure the highest security standards for our customers and partners. We are now taking an active approach to achieving SOC 2 Type 2 certification.”

Service organization control (SOC) 2 is an attestation report developed by the American Institute of CAPs based on five trust principles: security, privacy, confidentiality, availability, and processing integrity. Exto’s IT team partnered with California-based company Drata, an advanced security and compliance platform for SOC 2, ISO 27001, HIPAA, and GDPR, to ensure all processes and requirements are followed.

If you have questions about Exto’s security certifications or practices, please email us at compliance@exto360.com.

For more information on SOC 2, visit https://www.aicpa-cima.com/cpe-learning/course/soc-2r-report-walkthrough