Brokerage-grade security, documented.
Brokers are fiduciaries. Pecos is built to clear compliance review at firms that handle billions in transactions each year.
SOC 2 Type I — in progress
Audit in progress for Q3 2026 with an accredited firm. Type II to follow within 12 months of Type I. We are not yet SOC 2 certified — we're transparent about that.
RESO Data Dictionary–compliant
MLS data delivered via MLS Grid's RESO-certified Web API. Field mapping follows the RESO Data Dictionary; new MLS Grid markets onboard quickly under your broker's data-license agreement.
Encryption end-to-end
TLS 1.3 in transit. AES-256 at rest. Per-tenant encryption keys for documents.
US data residency
All production data hosted in us-east-1 and us-west-2. No data leaves the US without explicit DPA.
Full audit trail
Every contract event, message, and CRM mutation is immutable and exportable for broker review.
SSO + SAML
Okta, Google Workspace, Microsoft Entra. SCIM provisioning on Brokerage plans.
Need a DPA, pen-test report, or vendor questionnaire?
- • Standard MSA and DPA available on request — turnaround under 5 business days.
- • Annual third-party penetration test summary on Brokerage plan.
- • Custom security questionnaires (CAIQ, SIG Lite) returned within 10 business days.
- • Email security@pecosagent.com to disclose a vulnerability.