Immunefi achieves SOC 2 Type II Certification

Immunefi has successfully completed its SOC 2 Type II attestation, verifying our internal controls meet the highest standards for security, availability, and confidentiality.

Conducted by Sensiba, this attestation evaluated both the design and the consistent operation of our systems over time. This milestone provides external assurance that Immunefi handles sensitive customer data with care, and that our processes function reliably in practice, not just on paper.

The Path to SOC 2

Security is at the core of Immunefi. From day one, we’ve built our internal systems to the standard we believe the rest of the industry should follow. Now, this work has been independently validated.

SOC 2 is a framework developed by the American Institute of Certified Public Accountants (AICPA). It assesses whether an organization has the internal controls needed to securely manage customer data. 

• Type I: Evaluates how controls are designed at a single point in time
• Type II: Tests whether those controls operate effectively over an extended period.

Immunefi has achieved the full Type II attestation, covering all three trust principles: security, availability, and confidentiality. This confirms that our systems are well-designed and perform under real operating conditions.

Why this matters

For security leaders, protocol engineers, or investors, the stakes around onchain vulnerabilities couldn’t be higher. 

When organizations use Immunefi, they share the most sensitive asset their organization possesses - vulnerabilities data that could cause catastrophic losses and irreparable harm. That information must be managed with the highest possible standards of data security. 

SOC 2 also matters for another reason: institutional adoption. Projects seeking integrations with custodians, exchanges, or enterprise clients often find that without SOC 2, doors remain closed. 

What’s next

Achieving SOC 2 Type II is a major milestone, but it’s not the end of the road. We intend to maintain our attestation on a rolling basis, with new audits and updated controls as threats evolve.

For our customers, this means increased confidence in every interaction. For the community, it means the standards for what to expect from security platforms are rising. And for us, it means continuing to lead from the front.

If you’re not already using Immunefi Magnus to secure your protocol, get started today and discover what world-class onchain security looks like.