ArmorCode Achieves SOC 2 Type II Compliance; ArmorCode Wins Another Big Enterprise Customer

Customer Research Shows Enterprises Can Save up to 55% on Application Security Program


ArmorCode, the Silicon Valley startup delivering application security at the speed of DevOps, today announced that it has attained SOC 2 Type II compliance which demonstrates that an independent auditing firm has examined the company's security activities and tested them to ensure that its platform meets necessary compliance requirements for large enterprises.

ArmorCode also announced that Shutterfly, the leading e-commerce retailer and manufacturing platform for personalized products, has chosen ArmorCode to streamline application security processes across the company's flagship software applications.

"ArmorCode's intelligent application security platform gives us unified visibility into AppSec postures and automates complex DevSecOps workflows. As a result, we are able to save significant time and effort. Additionally, the focus on growing the platform to meet our needs is a critical driver for us," said Aaron Peck, Chief Information Security Officer at Shutterfly.

"ArmorCode is dedicated to enterprise-grade security and our SOC 2 Type II certification — achieved within months of the company's founding — is further proof that we have kept the needs of enterprise customers top-of-mind from day one," said Nikhil Gupta, founder and CEO of ArmorCode. "We are excited that Shutterfly has chosen to deploy ArmorCode platform to accelerate and improve its application security processes and we are eager to work alongside enterprise CISOs to deliver a best-in-class application security platform that meets their needs while reducing overhead."

In addition, the company is launching an advanced Total Cost of Ownership (TCO) and Return on Investment (ROI) modeling tool to assist customers understand the business benefits of deploying ArmorCode's Intelligent Application Security Platform (IASP). After a series of customer engagements, the company found that its IASP can save organizations up to 55% on total costs associated with application security posture management, DevSecOps orchestration, and continuous compliance.

"While traditional TCO and ROI tools are formulated using a businesses' existing capital and operational expenditures, we believe that a true measurement of application security's business value should also include new pathways to revenue as well as impact on business agility and overall reduction in security risk," Gupta added. "Just as Volvo invested in safety innovation to build its brand and deliver peace of mind to customers, we believe an application security platform should offer enterprises the highest degree of peace of mind while also helping them monetize their security credentials. Good security should add tremendous business value, not create costs."

The accelerated adoption of digital technologies during the pandemic has caused cybercrimes to rise significantly, especially for companies embracing work-from-home. Deloitte recently reported that the average cost of a data breach resulting from remote working can be as high as $137,000 and a new ProofPoint survey of more than 1,400 global CISOs found that 64% are concerned that their organization is at risk of suffering a damaging cyberattack within the next 12 months. As a result, forward-thinking companies should consider the risks and costs associated with their existing security practices.

ArmorCode's application security platform consolidates three key AppSec needs into a single intelligent platform that minimizes tooling and alerts, all while maximizing agility, efficiency, and cost-effectiveness. The ArmorCode platform includes:

  • Application Security Posture Management
    • Simplifies AppSec operations by providing a centralized view of all security findings across application and infrastructure security and enables a streamlined CI/CD pipeline
    • Reduces the risk of security incidents by as much as 50% by normalizing, prioritizing, and correlating findings across various AppSec and infrastructure security tools
  • DevSecOps Orchestration
    • Offers a seamless DevSecOps workflow that fosters tighter collaboration between developers and AppSec engineers with 60+ integrations across leading AppSec, CI/CD, collaboration, and infrastructure security tools
  • Continuous Compliance
    • Provides out-of-the-box industry-standard compliances including SOC 2, GDPR, FedRAMP, HIPAA, and OWASP Top 10, among others
    • Delivers continuous evaluation of application security controls and relevant security standards

To see how ArmorCode demonstrates value in 15 minutes or less and to evaluate your customized ROI with ArmorCode, please visit:

About ArmorCode

ArmorCode is delivering application security at the speed of DevOps. Founded in 2020 in Palo Alto, California, the company offers security professionals a centralized platform for Application Security Posture Management; DevSecOps Orchestration; and Continuous Compliance. With ArmorCode, enterprises can radically simplify and accelerate application security while cutting costs by as much as 55%. ArmorCode is used by global brands and backed by leading VC firms. To learn more, please visit

Media Contact: 
Aaron Endre

Source: ArmorCode