What is SOC 3?

You can think of a SOC 3 report as a redacted SOC 2 report; the SOC 3 report summarizes the material of a SOC 2 report, but it excludes details of the testing that was performed and those tests' results. A SOC 2 report must have been written to receive a SOC 3 report.

SOC 3 reports can be posted on your website, while SOC 2 reports can only be shared with an NDA.

Subscribe & receive the latest content.

Put Compliance on Autopilot

Get Started Today


Close more sales and build trust faster while eliminating the hundreds of hours of manual work that used to go into maintaining your SOC 2 report and ISO 27001 certification.

Get Started