Baseten achieves SOC 2 Type II certification

Baseten has completed a rigorous audit by Sensiba San Filippo LLP, a leading CPA firm, to achieve System and Organization Controls (SOC) 2 Type II certification. This effort, led by our CEO, involved providing auditors with detailed statements and substantial evidence about our product and operations.

Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 Type II is an ongoing assessment of an organization’s security posture. Achieving this level of compliance is unusual for a company of our size and reflects our dedication to providing secure and reliable infrastructure for hosting ML models.

To receive the SOC 2 Type II certification, Baseten provided evidence of following best practices across five trust services criteria:

• Security

• Availability

• Processing Integrity

• Confidentiality

• Privacy

We provided information covering technical details within our product such as authentication mechanisms, backups, firewall configurations, data encryption, and cypher suites, along with operational details including code review and deployment approval. The audit also covered the company’s hiring processes.

Our SOC 2 Type II report did not have any noted exceptions and therefore was issued with a “clean” audit opinion. In all, Baseten’s controls were found to be “suitably designed” for over 70 specific sub-criteria.

This holistic review demonstrates Baseten’s careful custody of our customers’ information, the robustness of our infrastructure, and the diligence of our employees and contractors. We will continue to review and improve the security and compliance of our product and operations to provide our customers with a reliable and trustworthy platform for critical ML-powered business processes.

Reports detailing our HIPAA compliance, SOC 2 Type II certification, and other security measures are available to current and prospective customers upon request.