Discovery's Trust Center
Welcome to Discovery Life Sciences's Trust Center. Our commitment to data privacy and security is embedded in every part of our business.
Discovery Life Sciences has successfully completed a SOC 2 Type II audit with no exceptions. Our compliance program is aligned with ISO 27001, SOC 2, and NIST frameworks, reflecting our commitment to the highest standards of information security across our global operations.
The SOC 2 Type II report will be available upon request under NDA. To request access, please submit an inquiry through this Trust Center.
Use this Trust Center to learn about our security posture and request access to our security documentation.
Reports
Reports
We may provide security-related reports upon request.
Self-Assessments
Self-Assessments
Discovery Life Sciences actively responds to client and prospect security assessments including SIG, CAIQ, and custom vendor questionnaires. Completed assessments and supporting documentation are made available under a executed NDA. To initiate a request, please submit an inquiry through this Trust Center. Our security team typically responds within 2–3 business days.
App Security
App Security
We take application security seriously and are putting together a program to monitor internal apps.
AI
AI
We take the usage of AI seriously in our organization and work to ensure security and reliability of the AI.
ESG
ESG
We prioritize and take environmental, social, and governance (ESG) considerations seriously in our operations and decision-making processes.
Legal
Legal
We take legal matters seriously and we always engage our legal counsel to review all commercial activities. Please contact us if you have any questions.
Data Privacy
Data Privacy
Privacy of customer data is top of mind. We follow industry best practices and follow all applicable privacy regulations.
Access Control
Access Control
Access is tightly monitored and controlled at our company. We are happy to provide more details about our access control practices upon request.
Infrastructure
Infrastructure
We take great care to work with best-in-class infrastructure providers that provide secure computing and storage. We are happy to provide more details about our infrastructure upon request.
Endpoint Security
Endpoint Security
We follow industry best practices for endpoint security. We are happy to provide more details about our endpoint security practices upon request.
Network Security
Network Security
We protect our corporate network against external & internal threats.
Corporate Security
Corporate Security
We implement internal measures and practices to maintain a high standard of security.
Policies
Policies
We are currently working with experts to put together our company policies. Please contact us for more details.
Risk Management
Risk Management
We have a dedicated team that manages security risks. We are happy to provide more details about our risk management practices upon request.
Asset Management
Asset Management
We have strict asset management policies in place to ensure that all assets are accounted for and secure.
BC/DR
BC/DR
We have a business continuity plan in place to ensure that we can continue to operate in the event of a disaster.
Training
Training
We provide security awareness training to all employees to ensure that they are aware of security best practices.
Change Management
Change Management
We have a change and configuration management process in place to ensure that changes are properly reviewed and approved.
Physical & Environment
Physical & Environment
We have physical and environmental controls in place to ensure that our data centers are secure and reliable.
Security Posture Enhancement in Response to Emerging AI Threat Intelligence
Discovery Life Sciences continuously monitors the evolving threat landscape, including risks introduced by the rapid adoption of AI technologies across the industry.
In response to recently published AI security research — including threat modeling work from leading AI safety organizations — Discovery has taken the following proactive steps to strengthen its security posture:
- AI Usage Policy — Formal policy governing approved and prohibited uses of generative AI tools across the organization has been established and communicated to all staff
- Data Loss Prevention (DLP) — Controls have been reviewed and updated to detect and prevent sensitive research or client data from being submitted to external AI platforms
- Vendor AI Risk Assessment — Third-party vendors leveraging AI in their products or services are now subject to additional security scrutiny during onboarding and annual review
- Security Awareness Training — Staff training has been updated to include AI-specific threat scenarios including prompt injection, data leakage via AI tools, and social engineering using AI-generated content
- Monitoring & Detection — Microsoft Sentinel rules have been tuned to flag anomalous behavior consistent with AI-assisted attack patterns
Discovery Life Sciences remains committed to transparent, proactive communication regarding our security program. Questions may be directed to our security team via this Trust Center.