Bitrise’s commitment to security reflected in first SOC 2 Type 2 report

We’re proud to announce that we’ve received our first SOC 2 Type 2 report, meaning that a rigorous audit validated our compliance with the highest industry standards, confirming our commitment to the security of your data.

What’s a SOC 2 Type 2 report and what does it mean for the company?

A SOC 2 Type 2 report is a high-level, external audit that captures how a company handles and safeguards customer data with detailed information and assurance about the organization’s security controls based on their compliance with the AICPA’s (American Institute of Certified Public Accountants) TSC (Trust Services Criteria)

This report is proof of our ongoing commitment to maintaining the highest possible standard of our services. We've always cared deeply about our users’ privacy and security, but as we scaled and our customers became increasingly complex, their needs evolved as well. To make sure we meet those needs, we have been recently audited and found compliant with SOC 2 Type 2 criteria and we're excited to have reached this milestone. 

Moreover, to ensure we'll continue to meet those needs in the future, we've adopted a yearly cadence of audits that will help us maintain the highest standards of security. We look forward to growing with all of you for years to come.

What does this mean for our customers? 

Not much will change in your day-to-day use of Bitrise, but in the background, we've designed a number of systems, controls, and policies that ensure that we meet industry standards and stay compliant and secure, such as: 

  • Product security: virtualized environment, source code protection, access control
  • Data security: DPA, backups & geo-redundancy, data encryption
  • Network security: firewall and encrypted communications
  • Application security: secure coding, penetration testing, automated code security checks
  • Business security: background checks, confidentiality, security awareness training, breach notifications
  • Physical security: data center security, 24-hour office surveillance, and more.

The SOC 2 report is available upon request by contacting us here. For more information and details about our security policies, visit our Security page.

We hope you found this information useful & that you'll continue to build apps, securely, on Bitrise.

No items found.
The Mobile DevOps Newsletter

Explore more topics

App development

Best practices from engineers on how to use Bitrise to build better apps, faster.


Meet other Bitrise engineers, technology experts, power users, partners and join our BUGs.


All the updates about Bitrise events, sponsorships, employees, and more.


Mobile development, latest tech, industry insights, and interviews with experts.

Mobile DevOps

Learn why mobile development is unique and requires a set of unique practices.


Stay tuned for the last updates, new features, and product improvements.

The Mobile DevOps Newsletter

Join 1000s of your peers. Sign up to receive Mobile DevOps tips, news, and best practice guides once every two weeks.