We are building Marloo to be unbreakable, this means attaining the highest certifications possible. Drawing from our experience in consumer financial services, we have begun with SOC2 Type 2 and CARR certification, and will continue to broaden our efforts.
​

SOC 2 certification: We currently hold SOC 2 Type 2 certification. This is a global standard cybersecurity compliance framework that assesses Marloo's security controls related to data protection that requires an independent audit to achieve. You can find more information about our controls in the Marloo Trust Center here.
​

CARR certification: Marloo has achieved a "Very Good" CARR (Cyber Assurance Risk Rating) score. This independent assessment, conducted by Aphore using the NIST Cybersecurity Framework v2.0, evaluates our cyber resilience across six critical areas: Govern, Identify, Protect, Detect, Respond, and Recover.

The CARR methodology is the de facto Australian standard for assessing business risk when reviewing relationships with third-party suppliers. It provides a comprehensive view of an organisation's cybersecurity risk profile and the likelihood of a data breach. Our "Very Good" rating indicates that Marloo has implemented both strong governance policies and procedures, as well as effective technical controls to protect our organisation from most cyber threats.

In addition to these certifications, we've gone above and beyond to ensure our security and compliance measures are robust. We deeply appreciate the trust advisers place in Marloo and are always happy to share more about the continued investment we are making in this area.