SOC 2 Type II Ready

Enterprise Security.
Built for Your Business.

BriarWatch is designed from the ground up with security and compliance at its core. We protect your data with the same rigor we help you protect your network.

  • SOC 2 Type II Ready
  • AES-256 Encryption at Rest
  • TLS 1.3 Encryption in Transit
  • HIPAA Compliant Design

Data Protection

We Never Store Your Client Data

BriarWatch is a network security scanner, not a data management system. We focus exclusively on identifying devices, vulnerabilities, and security risks.

  • No PII Collection

    We never access, collect, or store client names, patient records, or any personal information.

  • Network-Level Only

    Scans detect devices, ports, services, and vulnerabilities - not application data.

  • HIPAA Safe

    Our design supports HIPAA compliance because we never access or store protected health information.

What BriarWatch Scans For

  • Device Discovery: Servers, workstations, IoT, printers
  • Open Ports & Services: SSH, RDP, HTTP, database ports
  • Vulnerabilities (CVEs): Known security issues, misconfigurations
  • Software Versions: Outdated software, business applications

SOC 2 Trust Service Criteria

BriarWatch is built to meet SOC 2 Type II requirements across all five trust service criteria.

Security (CC)

  • Multi-factor authentication required
  • Role-based access controls
  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Regular penetration testing

Availability (A)

  • 99.9% uptime SLA
  • Multi-AZ AWS deployment
  • Automated failover
  • Regular backups (daily)
  • Disaster recovery plan

Processing Integrity (PI)

  • Validated scan algorithms
  • CVE database synchronization
  • Accurate vulnerability scoring
  • Quality assurance testing
  • Change management process

Confidentiality (C)

  • Multi-tenant data isolation
  • Encrypted credential storage
  • Strict access logging
  • NDA with all employees
  • Data classification policy

Privacy (P)

  • Minimal data collection
  • Clear privacy policy
  • Data deletion on request
  • No sale of personal data
  • GDPR-aligned practices

Audit Logging (CC7.3)

  • Complete audit trail
  • 7-year log retention
  • Tamper-evident logs
  • Real-time monitoring
  • Compliance reporting

Safe AI: Your Data Stays Private

When we use AI to analyze vulnerabilities, your sensitive data is always protected.

What AI Receives

  • Device types (server, workstation, printer)
  • Open ports and service names
  • Software vendors and versions
  • CVE identifiers and severity
  • Generic vulnerability descriptions

Never Sent to AI

  • IP addresses or hostnames
  • Organization names or domains
  • User names or email addresses
  • Network topology details
  • Credentials or authentication data

Enterprise-Grade Infrastructure

Built on AWS with industry-leading security and compliance certifications.

Hosting

  • Amazon Web Services (AWS)
  • US East region
  • Multi-AZ deployment
  • SOC 2 certified data centers

Data Protection

  • AES-256-GCM encryption at rest
  • TLS 1.3 in transit
  • AWS KMS key management
  • Isolated tenant databases

Monitoring

  • 24/7 infrastructure monitoring
  • Automated threat detection
  • DDoS protection
  • Incident response plan

Ready to Secure Your Business?

Start with a free assessment. Enterprise security without the enterprise complexity.