Capitalized terms have the meaning stated in the applicable agreement between Customer and Google.
A ✔ in the table below indicates that the Service (row) is in scope for the specified certification or report (column).
Service | ISO 27001 Certification | ISO 27017 Certification | ISO 27018 Certification | SOC 1 Report | SOC 2 Report | SOC 3 Report | PCI DSS Certification |
Google Security Operations | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ | ✔* |
Mandiant Consulting Services | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Mandiant Security Validation | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Mandiant Advantage Threat Intelligence | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Mandiant Attack Surface Management | ✔ | ✔ | ✔ | ✔ | ✔ | ||
Mandiant Managed Defense | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
Service
ISO 27001 Certification
ISO 27017 Certification
ISO 27018 Certification
SOC 1 Report
SOC 2 Report
SOC 3 Report
PCI DSS Certification
Google Security Operations
✔
✔
✔
✔
✔
✔
✔*
Mandiant Consulting Services
✔
✔
✔
✔
✔
Mandiant Security Validation
✔
✔
✔
✔
✔
Mandiant Advantage Threat Intelligence
✔
✔
✔
✔
✔
Mandiant Attack Surface Management
✔
✔
✔
✔
✔
Mandiant Managed Defense
✔
✔
✔
✔
✔
✔
*Subject to specific service configuration by customer. Certain features (e.g., Google Security Operations Looker integration) are not included in certification.