Security & Trust
Security is not a feature we bolt on. It is foundational to how PocketSOC is designed, built, and operated.
PocketSOC handles sensitive security data on behalf of your organization. We take that responsibility seriously and hold ourselves to the standards our customers expect.
Product Security Overview
PocketSOC is a mobile incident response platform that enables security teams to view, triage, and respond to threats from their phone. The platform consists of:
- Native iOS and Android applications for on-the-go incident response
- A cloud-hosted backend portal for team, device, and integration management
- Secure integrations with enterprise security tools via scoped API credentials
- Encrypted communications across all data channels
All components are designed to operate with minimal data exposure and strict access boundaries.
Secure Development Lifecycle
PocketSOC follows a secure-by-design approach throughout the development lifecycle. Security considerations are embedded from architecture and design through implementation, testing, and release.
- Secure architecture reviews are conducted for new features and integrations before development begins
- Automated code scanning is performed to identify potential vulnerabilities during development
- Dependency monitoring tracks third-party libraries for known vulnerabilities and ensures timely updates
- Controlled release processes ensure that all changes are reviewed, tested, and validated before reaching production
- Continuous improvement practices incorporate lessons learned from testing, monitoring, and industry developments
Security Testing & Validation
PocketSOC undergoes regular security testing to identify and address vulnerabilities before they reach production.
- Static code analysis is integrated into the development workflow to catch issues early
- Vulnerability scanning is performed on application code and infrastructure components
- Beta testing and UAT validation ensure that security controls function as expected in real-world scenarios
- Remediation processes are in place to prioritize and address identified issues based on severity
No critical or high-severity vulnerabilities are shipped to production. Identified issues are tracked, prioritized, and resolved as part of the standard release process.
Data Protection & Encryption
Protecting customer data is central to the PocketSOC platform. Data handling follows a principle of minimal retention and strong encryption.
- Encryption in transit — All communications between the app, backend services, and vendor APIs are encrypted using TLS
- Secure credential storage — API credentials and authentication tokens are stored using platform-native secure storage mechanisms
- Limited data retention — PocketSOC retrieves security data from vendor APIs for real-time display and does not persist customer security data beyond what is necessary for service operation
- Customer-controlled credentials — API credentials are created and managed by the customer in their vendor console. Credentials can be rotated or revoked at any time without PocketSOC involvement
Infrastructure & Hosting
PocketSOC backend services are hosted on trusted cloud infrastructure with security controls applied at every layer.
- Cloud-hosted backend — Services run on hardened cloud infrastructure with high availability
- Segmented environments — Development, staging, and production environments are logically separated
- Access control — Infrastructure access is restricted to authorized personnel and follows least-privilege principles
- Logging and monitoring — System activity and access events are logged and monitored for anomalies
Access Control & Authentication
PocketSOC enforces strong access controls across all platform components to ensure that only authorized users and systems can interact with sensitive data.
- Role-based access control — Portal users are assigned roles that determine their level of access to organizational settings, devices, and vendor configurations
- Token-based integrations — Vendor API connections use scoped tokens with the minimum permissions required for operation
- Device authentication — Biometric authentication (Face ID, fingerprint) and device passcode protections can be enforced for app access
- Least privilege — All access, whether user-facing or system-level, follows least-privilege principles to minimize exposure
Responsible Disclosure
We welcome and appreciate responsible security research. If you believe you have found a vulnerability in PocketSOC, please report it so we can investigate and address it promptly.
How to report:
- Email security@pocketsoc.com with a clear description of the issue
- Include steps to reproduce the vulnerability, if possible
- Provide any supporting evidence such as screenshots or logs (do not include sensitive customer data)
We are committed to reviewing all reports in a timely manner and will work with reporters to understand the scope and impact of any confirmed issues. We will not pursue legal action against researchers who follow responsible disclosure practices.
Security Overview Document
For procurement and security review teams, we provide a downloadable overview of PocketSOC's security posture and practices.
Download Security Overview (PDF)
Share this document with your security review team as part of your vendor assessment process.