Bitrise’s commitment to security reflected in first SOC 2 Type 2 report

We’re proud to announce that we’ve received our first SOC 2 Type 2 report, meaning that a rigorous audit validated our compliance with the highest industry standards, confirming our commitment to the security of your data.

What’s a SOC 2 Type 2 report and what does it mean for the company?

A SOC 2 Type 2 report is a high-level, external audit that captures how a company handles and safeguards customer data with detailed information and assurance about the organization’s security controls based on their compliance with the AICPA’s (American Institute of Certified Public Accountants) TSC (Trust Services Criteria)

This report is proof of our ongoing commitment to maintaining the highest possible standard of our services. We've always cared deeply about our users’ privacy and security, but as we scaled and our customers became increasingly complex, their needs evolved as well. To make sure we meet those needs, we have been recently audited and found compliant with SOC 2 Type 2 criteria and we're excited to have reached this milestone. 

Moreover, to ensure we'll continue to meet those needs in the future, we've adopted a yearly cadence of audits that will help us maintain the highest standards of security. We look forward to growing with all of you for years to come.

What does this mean for our customers? 

Not much will change in your day-to-day use of Bitrise, but in the background, we've designed a number of systems, controls, and policies that ensure that we meet industry standards and stay compliant and secure, such as: 

  • Product security: virtualized environment, source code protection, access control
  • Data security: DPA, backups & geo-redundancy, data encryption
  • Network security: firewall and encrypted communications
  • Application security: secure coding, penetration testing, automated code security checks
  • Business security: background checks, confidentiality, security awareness training, breach notifications
  • Physical security: data center security, 24-hour office surveillance, and more.

The SOC 2 report is available upon request by contacting us here. For more information and details about our security policies, visit our Security page.

We hope you found this information useful & that you'll continue to build apps, securely, on Bitrise.


No items found.
The Mobile DevOps Newsletter

Explore more topics

App Development

Learn how to optimize your mobile app deployment processes for iOS, Android, Flutter, ReactNative, and more

Bitrise & Community

Check out the latest from Bitrise and the community. Learn about the upcoming mobile events, employee spotlights, women in tech, and more

Bitrise Insights

Cache | Caching

Mobile App Releases

Learn how to release faster, better apps on the App Store, Google Play Store, Huawei AppGallery, and other app stores

Mobile DevOps

Learn Mobile DevOps best practices such as DevOps for iOS, Android, and industry-specific DevOps tips for mobile engineers

Mobile Testing & Security

Learn how to optimize mobile testing and security — from automated security checks to robust mobile testing and more.

Product Updates

Check out the latest product updates from Bitrise — Build Insights updates, product news, and more.

The Mobile DevOps Newsletter

Join 1000s of your peers. Sign up to receive Mobile DevOps tips, news, and best practice guides once every two weeks.