Book a demo

SOC 2 Type II Compliance

Trenchant Cyber LLC  ·  Security, Availability & Confidentiality Trust Service Criteria

COMPLIANCE STATUS NOTICE: Trenchant Cyber LLC is actively pursuing SOC 2 Type II certification. The audit scope, auditor engagement, and timeline will be published here upon completion. Enterprise customers may request our current security posture documentation and in-progress audit status under NDA. Contact info@trenchantcyber.com.

What is SOC 2 Type II?

SOC 2 Type II is an auditing standard developed by the American Institute of CPAs (AICPA). It evaluates a service organization's controls relevant to security, availability, processing integrity, confidentiality, and privacy (Trust Service Criteria) over a defined audit period — typically 6 to 12 months.

Unlike SOC 2 Type I (which assesses controls at a point in time), Type II verifies that controls operated effectively throughout the audit period. Enterprise buyers in healthcare, legal, finance, and defense commonly require a current SOC 2 Type II report before vendor approval.

Trenchant Cyber's Security Architecture

Our platform's on-premise deployment model significantly reduces the attack surface relevant to SOC 2 Trust Service Criteria:

  • Security: The Agentic Firewall enforces inline AI traffic policy, blocking unauthorized data egress, prompt exfiltration, and unauthorized agent actions.
  • Confidentiality: Customer data never leaves the customer's network during steady-state AI inference. No Trenchant Cyber LLC employee has access to customer operational data.
  • Availability: On-premise deployments eliminate dependency on third-party cloud availability. SLAs are defined per customer in Order Forms.
  • Processing Integrity: The AUDITOR agent provides 100% audit-replayable decision logs within the customer environment.

Requesting Compliance Documentation

Enterprise prospects and customers may request the following under NDA:

  • Current security posture documentation and control mapping.
  • SOC 2 audit status and timeline (in-progress audit materials).
  • NIST 800-53 control implementation statement.
  • CMMC compliance alignment documentation.
  • Penetration test summary (most recent).

Contact info@trenchantcyber.com to initiate an NDA and request security documentation.

Compliance Representation Notice

References to "SOC 2 Type II" on this website indicate that Trenchant Cyber LLC is pursuing certification and has designed its controls with SOC 2 Trust Service Criteria in mind. Until a completed SOC 2 Type II audit report is available, these references reflect our compliance architecture and intent — not a completed certification. We will update this page when the report is available.

Each customer is responsible for its own compliance posture. Use of the Trenchant Cyber platform does not automatically confer SOC 2 compliance on customer organizations.