Instana Achieves SOC 2 Compliance

December 5, 2019

Instana - Enterprise Observability and APM for Cloud-Native Applications

Instana is proud to announce the successful completion of our initial SOC 2 compliance audit. At Instana, state-of-the-art security is essential for our customers, for the services we operate for them and for our product development. Over the past few years, we have matured and enhanced organizational controls building the foundation to continuously review the security status within our organization and related sub-processors. This includes, but is not limited to, information classification, risk, vulnerability & threat assessments as well as security awareness programs for all employees, business continuity management, background verification and documentation of our Software Development Life Cycle. Our commitment to privacy and security has led us to successfully complete our SOC 2 requirements and audit.

Word Image 123

What is SOC 2?

SOC 2 is an US-based Information Security framework for technology and cloud computing companies comparable to the European ISO 27001 standard. SOC 2 is following a top-down approach and requires companies to develop and maintain a set of written policies and technical controls. The ultimate goal of SOC 2 is to ensure appropriateness in the design of controls relating availability processing integrity and confidentiality of the service provided. SOC 2 compliance requirements are expressed by the Trust Services Criteria established and frequently updated by the American Institute of CPAs (AICPA).

Why is this important?

With this certification you have peace of mind, knowing that there has been an independent & full review of Instana’s security that verified the appropriateness in the design of controls regarding availability, processing integrity, and confidentiality of the service.

For your security and compliance teams, this is the assurance from an independent third-party that Instana’s product and corporate related security controls are suitable and appropriate. For compliance, your security team can utilize Instana’s SOC 2 compliance for your own certification programs and third-party assessments. Many companies frequently have SOC 2 as a requirement before choosing to deploy a SaaS solution.

Instana’s commitment to security and data compliance

The successful completion of the first SOC 2 audit confirms our belief that our security controls are appropriately designed, implemented, and maintained. To us, this is another milestone in our company history and a good foundation to maintain our security & data compliance efforts as the market needs continue to evolve. SOC 2 was a great team achievement, this wouldn’t be possible without a range of internal highly skilled professionals who are committed to providing a great solution that is safe to use in any regulatory environment and industry.

Play with Instana’s APM Observability Sandbox

Start your FREE TRIAL today!

Instana, an IBM company, provides an Enterprise Observability Platform with automated application monitoring capabilities to businesses operating complex, modern, cloud-native applications no matter where they reside – on-premises or in public and private clouds, including mobile devices or IBM Z.

Control hybrid modern applications with Instana’s AI-powered discovery of deep contextual dependencies inside hybrid applications. Instana also gives visibility into development pipelines to help enable closed-loop DevOps automation.

This provides actionable feedback needed for clients as they to optimize application performance, enable innovation and mitigate risk, helping Dev+Ops add value and efficiency to software delivery pipelines while meeting their service and business level objectives.

For further information, please visit