Qovery is officially SOC 2 Type II compliant with an Unqualified Opinion. Get the highest assurance of continuously verified security controls for enterprise-grade application deployments and simplify due diligence.
We're proud to announce that Qovery is officially SOC 2 Type II compliant!
For our current and prospective customers, especially those building highly regulated or security-sensitive applications, this means you now have the highest level of assurance that our platform's security controls are not just designed correctly, but are operating effectively and consistently over time.
The Type II component is critical. Unlike a Type I report, which is a snapshot of controls on a single day, the Type II audit rigorously tested our controls for a sustained period. This verifies the operational efficacy of our security posture across the AICPA's Trust Services Criteria (Security is mandatory, and we included others key to our service).
We received our first SOC 2 Type II report, and the auditor noted no exception to our controls.
In audit terms, this is known as an Unqualified Opinion, the best possible outcome. Insight Assurances confirm that the policies, procedures, and technical controls we have implemented to govern access control, change management, systems operations, and risk mitigation are performing exactly as intended.
This achievement is a collective effort across our engineering and operations teams. We view security not as a feature, but as the foundation of our entire platform, and we are committed to continuous monitoring and improvement.
The engineering, product, and developer experience team behind the Qovery platform.
Qovery ensures every agent action is scoped, audited, and policy-checked. Start deploying in under 10 minutes.