MuleSoft Achieves PCI and HITRUST Compliance Security Certifications

Anypoint Platform Receives Top Security Certifications and Announces Partnership with Ping Identity for Enterprise Class Identity and Access Management
Tuesday, November 11, 2014

SAN FRANCISCO – November 11, 2014 – MuleSoft, the company that makes it easy to connect applications, data and devices, today announced it meets or exceeds the following internationally recognized set of security standards: PCI-DSS level-1 service provider, HITRUST service provider and SSAE 16 SOC 2. The company also announced a partnership with Ping Identity to allow joint customers to leverage PingFederate as an OAuth (Open Authorization) provider and to extend identity federation capabilities to the Anypoint Platform™. Organizations in highly regulated sectors that require additional security measures will benefit from MuleSoft’s comprehensive privacy and security program, which includes certifications, policies, practices, people and technology.

New certifications and cloud identity partnership validates MuleSoft security leadership

MuleSoft's information security program and controls for its cloud and on-premises solutions have been certified to comply with the following data security standards through a comprehensive information security audit:

  • Level-1 PCI-DSS: fully certified as compliant with Payment Card Industry (PCI) Data Security Standards, which represent a common set of industry tools and measurements to help ensure the safe handling of sensitive information
  • Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) certification: certified to meet strict security, privacy and regulatory guidelines set forth in the Common Security Framework, which encompasses the United States’ healthcare industry’s many privacy and security standards, regulations and requirements
  • SSAE 16 SOC 2: certified in one of the most stringent standards of operational excellence put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA)
  • FIPS compliance support: Mule ESB can be configured to operate in a FIPS compliant environment

Security is a top concern for any company leveraging cloud or API management services. With a built-in OAuth provider and a new partnership with Ping Identity, MuleSoft makes it fast and easy for customers to implement OAuth, the de facto standard for managing secure delegated access to APIs. By simply applying a policy to APIs hosted in Anypoint Platform, customers can now protect those APIs using PingFederate’s OAuth provider solution. In addition, customers can use their existing user repositories for direct access to the Anypoint Platform by configuring SAML federated access through PingFederate. This pre-built integration means that extending PingFederate to Anypoint Platform requires a few minutes of configuration, rather than days or weeks of development.

To learn more about MuleSoft’s Anypoint Platform, visit: http://www.mulesoft.com/platform/enterprise-integration.

About MuleSoft
MuleSoft’s mission is to connect the world’s applications, data and devices. MuleSoft makes connecting anything easy with Anypoint Platform™, the only complete integration platform for SaaSSOA and APIs. Thousands of organizations in 60 countries, from emerging brands to Global 500 enterprises, use MuleSoft to innovate faster and gain competitive advantage. http://www.mulesoft.com/

###