Celebrating an Exception-Free SOC2 Type II Hat-trick
The text discusses the importance of SOC 2 Type II certification, which is a gold standard for security accreditation and measures controls against five "Trust Principles". Chameleon has successfully obtained this certification. The company uses Drata, a security and compliance automation platform, to continuously monitor its controls and provide real-time alerts of any risks. It also conducts regular external penetration tests, vulnerability assessments, and other threat reviews. Beyond SOC 2, Chameleon is GDPR and CPRA/CCPA compliant and does not collect any personal data by default. It has implemented two-factor authentication (2FA) for all customers and accounts at no additional cost. The text also mentions the company's commitment to fighting the "SSO tax" by making Single Sign-On (SSO) via a third-party provider available to all customers, regardless of pricing plan, at a fixed price.
Company: Chameleon
Date published: Jan. 20, 2024
Author(s): -
Word count: 994
Language: English
Hacker News points: None found.