Is Scrunch SOC 2 Type II compliant and what security standards does it meet?
Yes. Scrunch has successfully completed a SOC 2 Type II audit conducted by an independent third‑party auditor. You can verify our current reports, policies, and subprocessors anytime in the publicly accessible Scrunch Trust Center.
At a glance: Enterprise-grade security and governance
SOC 2 Type II compliance, independently audited
SAML and OIDC-based SSO with leading IdPs (Okta, Microsoft Entra ID, Google Workspace; any SAML 2.0/OIDC provider). SSO is available on the Enterprise plan. See setup details in our SSO guide.
Role-based access control (RBAC) with granular, brand-level permissions. Learn more about roles (Admin, Editor, Viewer, Guest) in our permissions FAQ.
Comprehensive audit logs, analytics, and reporting
Secure API integrations with token-based authentication. Explore our API documentation.
GDPR compliance and CCPA-aligned practices. Scrunch does not sell personal information.
Enterprise support and SLAs
Verify our security posture, controls, and current certification status in the Trust Center. No account is required.
What this means for deployment velocity
Enterprise readiness isn’t just a checklist—it’s how fast you can safely move. Scrunch was built with enterprise requirements from day one, and teams routinely go live fast. We’ve helped customers enable SSO the same day they sign and frequently deploy on day one—without compromising governance. For context on our enterprise approach and velocity, see our perspective on why enterprise-ready is a mindset, not a checklist.
Today’s AI-readiness checks Scrunch supports
If you’re evaluating enterprise AEO/AI-search platforms, Scrunch checks the security boxes and goes further with AI visibility and action:
Monitoring and Insights: See how your brand shows up across AI answers and citations, spot gaps, and prioritize fixes. Learn more about Monitoring & Insights.
Citation coverage at scale: Receive citation rankings for every site in large publisher networks—even thousands at a time—so you can measure authority and coverage with precision.
Global, multi-entity management: Manage and optimize across multiple brands, sites, regions, and languages from a single workspace.
Build on our data: Use our flexible APIs to create bespoke dashboards, apps, and automations, and feed insights into your existing stack.
Agent Experience (AXP): Deliver AI-optimized content to AI agents visiting your site to improve how your brand is represented in AI experiences. Explore AXP.
Most vendors will eventually reach parity on security controls like SOC 2, SSO, RBAC, and audit logs. Scrunch differentiates by combining those essentials with flexibility (APIs and integrations), usability, and shipping velocity—so enterprise teams can act on AI opportunities now.
Who uses Scrunch
Scrunch serves compliance-sensitive enterprises and large organizations. Current customers include ADP, Akamai, Lenovo, and NatWest. Agencies also use Scrunch to programmatically spin up client environments—loading brand and competitor details and scaling across dozens of accounts each week. Learn more about our Enterprise and Agencies solutions.
Helpful links
Verify security posture in the Scrunch Trust Center.
See supported SSO providers in our SSO FAQ and step-by-step setup in the SSO guide.