Abra Security & Compliance

Our Commitment to Security

At Abra, Inc., security, privacy, and compliance are foundational to how we build and operate our platform. We implement industry-recognized standards and best practices to safeguard customer data, ensure system integrity, and maintain the trust of our customers.

Contact Us: [email protected]

Compliance & Certifications

Certifications & Attestations

• SOC 2 Type II — Abra has completed a SOC 2 Type II audit, independently conducted by a licensed CPA firm, covering the Security, Availability, and Confidentiality Trust Services Criteria. Our SOC 2 Type II report is available upon request through our Customer Trust Center.
• Annual Third-Party Penetration Testing — Abra engages an independent, qualified third-party security firm to perform application-level penetration testing on an annual basis. Findings are triaged, remediated on a documented timeline, and verified through re-testing.
• GDPR Readiness — Abra follows GDPR-aligned data protection principles, including data minimization, purpose limitation, and individual rights support.

For more information or to request access to our SOC 2 Type II report, penetration test summary, or other compliance documentation, please visit our Customer Trust Center at https://trust.helloabra.com.

Security Practices

Security & Access Controls

• Access Control & Authentication: Role-based access controls (RBAC) with multi-factor authentication (MFA) enforced across all systems.
• Single Sign-On (SSO): Enterprise SSO support via SAML 2.0 and OIDC for customer organizations.
• Encryption: All data is encrypted at rest (AES-256) and in transit (TLS 1.2+).
• Audit Logging & Monitoring: Comprehensive audit logging with continuous monitoring for security events and anomalous activity.
• Vendor Security: Third-party vendors handling customer data undergo security reviews and are assessed for compliance with Abra's security requirements.

Availability & System Reliability

• Abra's infrastructure is hosted on Microsoft Azure, leveraging Azure's ISO 27001, SOC 1/2/3, and HITRUST certified services for a secure and resilient operating environment.