Security

Heading

Secure, reliable, scalable: a platform built for you to scale

HIPAA compliant, and monitored by Vanta for SOC 2 Type II compliance.

Application security

Capable runs continuous dynamic security scans against our API and web products and regularly engages security experts for third-party penetration tests. We also use static code analysis tooling such as GitHub Dependabot, Brakeman, and Rubocop to secure our product at every step of the development process.

Data security

Capable encrypts data at rest and in transit for all our customers in every environment, using industry best practices and tooling such as AWS’s Key Management Service (KMS).

Infrastructure security

Capable uses Amazon Web Service to host our platform, making full use of security products in the ecosystem, including KMS, GuardDuty, CloudTrail, and Security Hub. We deploy to managed services, such as ECS Fargate, and do not manage our own servers.

Learn more about how Capable can accelerate your digital health build.