Safety for users: Setapp passes the "SOC 2 Type 1" check

MacPaw's Setapp announced yesterday that it has successfully completed a Service Organization Control (SOC) 2 Type 1 audit. The independent audit, conducted by Boulay Group, confirms that Setapp's information security policies and practices comply with the Security Trust Service principle. There is also a new "Security" category in the app toolkit for macOS and iOS, thanks to which you can obtain full versions of over 230 apps for a small subscription price. More information about the audit and a list of the programs in the new category can be found below.

MacPaw Setapp has undergone a Service Organization Control (SOC) 2 Type 1 audit. The successfully completed test shows that the data of the users is safe.

MacPaw Setapp has undergone a Service Organization Control (SOC) 2 Type 1 audit. The successfully completed test shows that the data of the users is safe.

Setapp voluntarily has the security of user data checked

SOC 2 Type 1 is a popular auditing standard developed by the American Institute of Certified Public Accountants (AICPA) to evaluate the design of security processes at a given point in time. Passing the test confirms that an organization's/company's security controls are appropriately designed and implemented. For a better understanding, here is an explanation of the individual test processes and stages:

There are three SOC categories:

  • SOC 1 reviews control over financial reporting
  • SOC 2 examines data controls for service companies
  • SOC 3 is similar to SOC 2, but while SOC 2 and SOC 1 are intended for professionals, SOC 3 is less specific and accessible to a more general audience

SOC 2 is further divided into Type 1 and Type 2: 

  • Type 1 tests the security controls of an organization/company at a given point in time
  • Type 2 monitors specific controls over a period of time (between three and 12 months)

"The security team of Setapp has done an excellent job over the past year working closely with an auditor to ensure all processes are compliant with SOC requirements' says Oleksandr Kosovan, CEO of Setapp. "The SOC 2 Type 1 report demonstrates Setapp's commitment to building the service with the highest level of trust and transparency when it comes to protecting our customers' data."

"Information security is a growing concern not only for SaaS companies but also for their customers. Therefore, the protection of their data and the trust of customers are no longer negotiable for a SaaS company” says Mykola Srebnyuk, Head of Information Security at MacPaw. "Looking to continue building on the secure foundation in 2022, we plan to complete a successful ISO 27001:2013 audit for Setapp and MacPaw by the end of the year."

Security on the Apple Mac: Special apps category

If you decide to subscribe to Setapp, you will receive an individually usable package of over 9,99 full versions for EUR 230 per month. These are all ad-free and kept up to date with updates. Included are Maintenance, Lifestyle, Productivity, Mac Hacks, Personal Finance, Developer Tools, Task Management, Writing & Blogging, Education, and Creativity programs. As part of the news above, the Security category has been added. This provides the following apps:

  • ClearVPN
  • canary mail
  • Step two
  • AdGuard
  • CleanMyMac X
  • Get Backup Pro
  • ChronoSync Express
  • Shimo
  • Secrets
  • Oh tipi
  • Pareto Security
Image source: Setapp

Image source: Setapp

You can find descriptions and screenshots for these and all other apps in the Setapp package on the official website of the offer. In addition to a 7-day trial version, the individual subscription options and offers for teams and companies, you will also find the Setapp blog on the linked page, which provides further information on the review described above in the current post. Have fun browsing!


Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership or at Patreon would support.

Leave a Comment

Your e-mail address will not be published.