MainStem
Security
MainStem provides trust in internet businesses by enabling companies to manage their supply chain in a secure, compliant platform and improve their posture to their customers, prospects, and partners.
View MainStem's Vanta Trust Report™Security Program Highlights
MainStem takes data security seriously. We encrypt data at rest, and in transit for all of our customers. We use a variety of third party tools, auditors and services to provide best in class security for our entire user base on the MainStem platform.
SOC 2 Type 2
MainStem is undergoing an audit for its SOC 2 Type compliance and is on track to have the compliance issued in 2022. SOC 2 compliance offers reporting options beyond financial objectives. It covers controls relevant to the trust services principles (TSP): security, availability, processing integrity, confidentiality, and privacy.
Annual Pen Testing
MainStem regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, running application, and the deployed environment. MainStem also uses high-quality static analysis tooling provided by GitHub Advanced Security such as CodeQL, Secrets Scanner, and Dependabot to secure our product at every step of the development process.