Posture, not promises.
Real certifications. Documented controls. A reviewer pool with actual licenses. Read the dossier in line, or request the procurement packet at the bottom.
What we carry on paper.
Attestation status may change. For the current list of certifications and the security packet, contact security@contently.com.
Every control, every status, every doc.
Pulled from the SOC 2 controls catalog. The full vendor packet, including the underlying documentation for each control, is available on request to security@contently.com.
| Control | Status |
|---|---|
| Encryption at rest | AES-256 |
| Encryption in transit | TLS 1.3 |
| SSO / SAML | Supported |
| Role-based access control | Yes |
| Penetration testing | Annual + on-release |
| Backup & restore | Documented RPO/RTO targets in vendor packet |
| Incident response | 24/7 on-call |
| Audit logs | Immutable · 7-year retention |
Two control surfaces, plain language.
- Asset class · muni-bond → FINRA Series 7 + 24
- Topic · HIPAA-covered → MD-credentialed editor
- Brand · regulated industry → in-house compliance reviewer
Routing your team configures once. Auditable forever.
Configure routing per asset class, topic, and brand. Every routing decision logs the rule that fired and the reviewer that picked it up.
Every approval, every change, every reviewer. Exportable as a single PDF in under 30 seconds.
A single packet that satisfies the auditor on the first ask.
The audit trail is immutable, time-stamped, and reviewer-attributed. When the regulator asks, you export one PDF.
What the audit trail looks like.
Get the vendor-review packet.
SOC 2 report, DPA template, BAA template, security architecture doc, and a pre-filled CAIQ. Emailed to your procurement contact.
security@contently.com
For incident reporting, regulator inquiries, or ad-hoc compliance asks. Response SLA: 4 business hours.