SOC 2's CC7 criteria require you to identify vulnerabilities, detect anomalies and respond to incidents. We show how continuous vulnerability and exposure monitoring provides the technical evidence auditors want to see.
Run a free domain scan All checks βWe map SOC 2's CC7 requirements to concrete technology: continuous identification of new vulnerabilities in your systems (CC7.1), monitoring of exposure changes and anomalies (CC7.2), and input for incident response (CC7.3β7.4) β tied to the current threat picture via our intel engine.
CC7 is where SOC 2 requires controls to be living, not static. A year-old vulnerability scan isn't enough β the auditor wants to see that you continuously detect and prioritise new threats, with evidence over time for a Type II report.
How does this differ from CC8.1?
CC8.1 is about controlled change (change management); CC7 is about detecting and responding to threats. We cover both as separate evidence pages.
Do you provide Type II evidence?
Yes β our monitoring builds evidence over time, which is what Type II requires beyond Type I's snapshot.
Is this the same as Threat Radar?
The Threat Radar engine drives the detection and intel correlation; the SOC 2 page maps it to the CC7 criteria as evidence.
Run a free scan or order a full Security Assessment β prioritised, not noise.
Run a free domain scan