Our Commitment to Security

MortDash is built from the ground up with security, privacy, and compliance at its core. We protect sensitive mortgage and financial data with industry-leading technology, rigorous controls, and a culture of security-first thinking.

Certifications & Compliance (In Progress)

SOC 2 Type II (In Progress)

We are actively working toward SOC 2 Type II certification with independent auditors.
Our platform is designed with GDPR, CCPA, and GLBA requirements in mind, and we are building controls to support full compliance.
Regular internal security reviews and vulnerability assessments.
Vendor due diligence and risk management are part of our onboarding process.
We will update this page as certifications are achieved. (Last updated: April, 2025)

Want to learn more about our compliance roadmap? Contact us.

Infrastructure & Data Security

All data encrypted in transit (TLS 1.2+) and at rest (AES-256)
Multi-region, redundant cloud infrastructure (AWS, GCP)
Role-based access controls and least-privilege principles
Continuous monitoring, logging, and alerting
Automated backups and disaster recovery

Application Security

Secure SDLC with code reviews, static analysis, and dependency scanning
OWASP Top 10 controls and secure coding practices
Regular security training for all engineers
Bug bounty and responsible disclosure program

Incident Response & Monitoring

24/7 security operations and real-time monitoring
Documented incident response and escalation procedures
Customer notification and transparency commitments
Post-incident reviews and continuous improvement

Security Resources & Contact

Report a vulnerability: security@mortdash.com
General security inquiries: support@mortdash.com