Trust Portal

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to the Benepass Trust Portal. We believe that transparency is the foundation of every great partnership, and this portal is our commitment to giving you a clear, honest view into our security and compliance programs. Whether you are a current customer or a future partner, we want you to feel confident in how we protect your data.

Here you can find detailed information on our practices and answers to your questions. Our dedication is validated by our SOC 2 Type 2 report and our HITRUST e1 certification, which confirm that independent auditors have rigorously evaluated our controls for safeguarding your most sensitive information.

Compliance

HITRUST Logo
HITRUST
SOC 2 Type 2 Logo
SOC 2 Type 2
CCPA Logo
CCPA
GDPR Logo
GDPR
HIPAA Logo
HIPAA

Benepass is trusted by

Anthropic-company-logoAnthropic
Brookfield Asset Management-company-logoBrookfield Asset Management
KKR-company-logoKKR
Moderna-company-logoModerna
monday.com-company-logomonday.com
Notion-company-logoNotion
Okta-company-logoOkta
OpenAI-company-logoOpenAI
Poshmark-company-logoPoshmark
Riot Games-company-logoRiot Games
Workday-company-logoWorkday

Documents

REPORTSData Flow Diagram (DFD)
REPORTSNetwork Diagram
REPORTSPentest Report
REPORTSSOC 2 Report
COMPLIANCEHITRUST
COMPLIANCESOC 2 Type 2
LEGALCyber Insurance
LEGALW-9
POLICIESAcceptable Use Policy
POLICIESAccess Control Policy
POLICIESBusiness Continuity/Disaster Recovery (BC/DR) Policy
POLICIESChange Management Policy

Product Security

Audit Logging
Multi-Factor Authentication
Role-Based Access Control
View more

Data Security

Data Backups
Encryption-at-rest
Encryption-in-transit
View more

App Security

Responsible Disclosure
Credential Management
Software Development Lifecycle
View more

Reports

Data Flow Diagram (DFD)
Network Diagram
Pentest Report
View more

Risk Profile

Data Access LevelRestricted
Third Party DependenceYes
HostingMajor Cloud Provider

Self-Assessments

Benepass may provide responses to assessments and questionnaires upon request.

Legal

SubprocessorsStripe-company-logoAmazon Web Services (AWS)-company-logoGoogle-company-logoNew Relic-company-logoFunctional Software-company-logo
Cyber Insurance
Privacy Policy
View more

Access Control

Internal Single-Sign-On (SSO)
Logging
Password Manager
View more

Infrastructure

Amazon Web Services
BC/DR
Network Time Protocol

Endpoint Security

Disk Encryption
Endpoint Detection & Response
Mobile Device Management

Network Security

DNSSEC
Virtual Private Cloud
Web Application Firewall

Corporate Security

We implement internal measures and practices to maintain a high standard of security.

Policies

Acceptable Use Policy
Access Control Policy
Business Continuity/Disaster Recovery (BC/DR) Policy
View more

Security Grades

SecurityScorecard
getbenepass.com
Security Scorecard A grade
app.getbenepass.com
Security Scorecard A grade
ImmuniWeb
app.getbenepass.com
A
Qualys SSL Labs
app.getbenepass.com
A+
View more

Incident Response

We have a dedicated team that responds to security incidents. We are happy to provide more details about our incident response practices upon request.

Risk Management

We have a dedicated team that manages security risks. We are happy to provide more details about our risk management practices upon request.

BC/DR

We have a business continuity plan in place to ensure that we can continue to operate in the event of a disaster.

Training

We provide security awareness training to all employees to ensure that they are aware of security best practices.

Change Management

We have a change and configuration management process in place to ensure that changes are properly reviewed and approved.

If you need help using this Trust Portal, please contact us.
Contact support
If you think you may have discovered a vulnerability, please send us a note.
Report issue
Built onSafeBase by Drata Logo