DevSecOps Forward

Security checks are baked into our software development lifecycle and secure baselines are automatically enforced.

Security checks are baked into our software development lifecycle and secure baselines are automatically enforced.

Secure development lifecycle.

All development projects at Scoop follow secure development lifecycle principles. 

AppSec Testing

We perform static and dynamic software application security testing of all code, including open source libraries, as part of our software development process.


We implement role-based access controls and the principles of least privileged access, and revoke access as needed.

Penetration testing

Scoop deploys third party penetration testing and vulnerability scanning of all production and internet facing systems on a regular basis.

Cloud Security 

Scoop leverages native physical and network security features of the cloud, enabling providers to maintain the physical access policies and procedures.

Frequently Asked Questions

Is Scoop SOC2 Compliant?

Yes, Scoop is SOC2 Type II and SOC3 compliant. To access our reports contact

Is your data encrypted?

Data is encrypted in transit between the public internet and Scoop's networks in AWS (TLS 1.2). Data is also encrypted at rest using AWS-managed keys. User passwords are encrypted (salted and hashed) using modern encryption libraries, and multi-factor authentication is required for every account. Data submitted by clients is heavily validated for correctness, and system logs strive to never include sensitive information

What data do you store?

For full information on the data Scoop collects, how we use it and how we protect your privacy please see our privacy policy.

Is Scoop GDPR Compliant?

Yes, Scoop is GDPR compliant, however we currently only support data residency in the United States. Download Scoop's data processing agreement here.

Where can I find the list of Data Subprocessors?

You can navigate to to see the most recent list of data sub processors at Scoop Sub Processors.

Can you provide a pen test report?

The latest penetration test report can be provided to customers by emailing

How can I report Security issues?

We review security issues as soon as possible and you can report them by emailing

Your hybrid crystal ball

Always know where the people you care about most will be, making it easier than ever to coordinate with teammates, close collaborators, or your manager.

android iconChrome icon
scoop sidebarscoop groupgroup member

Hybrid without the heavy lift

Say goodbye to the back and forth of figuring out who's working where. With automated routines and one-click work status updates, teams stay in the loop without all the noise.

Main scoop dashboardscoop group

Lives where you work

With Team Sync, everything you need to coordinate is just a click away. Sync your daily work status to Google Calendar or instantly see where teammates are, right in Slack.

slack icongoogle calendarChrome icon
scoop slackscoop group

More Security Automation

An automation-led approach allows us to confidently prove our security and compliance posture any day of the year and fosters a culture of compliance.

Automated Detection

We use best-in-class services and tools to provide 24/7 automated detection and response capabilities.

Continuous Compliance

We monitor 100+ security controls and work with auditors and security experts to ensure automated tests are accurate.

Show Less

Learn more about security at Scoop