An Update on Our Commitment to Security: Announcing SOC 2 Type II Compliance

Since earning our SOC 2 Type I compliance in July 2024, we've remained consistent in our commitment to security.
Thanks to ongoing efforts across the company, we’re thrilled to announce the next chapter: we have achieved SOC 2 Type II compliance.
This achievement is a testament to our security controls, which are not only well-designed, but effective over time. We can now confirm that we consistently maintain robust safeguards on an ongoing basis, providing increased assurance to our customers. Our SOC 2 Type II Report is available to be read in our Trust Center.
What is SOC 2 Type II?
For starters, SOC 2 is an auditing standard by the AICPA focused on safeguarding customer data across five Trust Services Criteria:
- Security
- Availability
- Processing Integrity
- Confidentiality
- Privacy
There are two different types of SOC 2 compliance, with significant distinction between the two.
- SOC 2 Type 1 is an audit that assesses a company's internal controls at a specific moment in time. It essentially validates that the security framework is designed correctly.
- SOC 2 Type II requires a much more comprehensive evaluation. It not only looks at the design of the controls but also tests their operational effectiveness over an extended period, typically several months.
How did the audit work?
We partnered with an independent, third-party firm who performed the audit. The audit encompassed:
- A deep review of our policies and procedures
- Infrastructure and configuration audits—firewalls, change management, logical access
- Backup systems, disaster recovery, business continuity planning
- Security incident response and monitoring
- Ongoing collection of audit evidence to prove control effectiveness over time
Every control was tested based on how it operated in real scenarios—not just how it was designed, but how it actually functioned across months.
What does this mean as a user?
What really matters is what this means for our customers:
- Reliable, ongoing protection. You can trust that our security measures work both reliably and continuously.
- Higher confidence in your data’s safety. SOC 2 Type II provides independent, third-party validation with proven results.
- Shorter security review cycles. With increased peace of mind, your team can move faster through vendor assessments and diligence.
What's next?
While SOC 2 Type II is a major accomplishment, it's not the end of our journey. We're committed to continuous improvement and will keep investing in advanced security measures, regular audits, and emerging best practices to stay ahead of evolving threats. Stay tuned for more updates as we further strengthen our platform.