Legal

SOC 2 Type II

Last updated: February 12, 2026

Certification In Progress

We're Actively Pursuing SOC 2 Type II

CyberCore is actively pursuing SOC 2 Type II certification to provide our customers with independent, third-party validation of our security controls. Contact support@cybercore.one for our current security documentation.

What is SOC 2?

SOC 2 (System and Organization Controls 2) is a rigorous auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It evaluates an organization's information systems and controls relevant to security, availability, processing integrity, confidentiality, and privacy.

A SOC 2 Type II report goes beyond a point-in-time assessment. It evaluates the design and operating effectiveness of controls over a sustained period (typically 6-12 months), providing the highest level of assurance that security practices are consistently maintained.

For SaaS companies like CyberCore — especially those serving healthcare organizations — SOC 2 Type II certification is a gold standard that demonstrates a serious commitment to protecting customer data and maintaining robust operational controls.

Our Commitment

As a platform entrusted with monitoring and protecting dental practice infrastructure, we believe our customers deserve the highest level of assurance about our security practices. SOC 2 Type II certification is a key part of that commitment.

Even before formal certification, we have implemented controls and practices aligned with the SOC 2 Trust Service Criteria. Our platform is built from the ground up with security, compliance, and transparency as core design principles. We're not adding security as an afterthought — it's in our DNA.

Trust Service Criteria

We are pursuing SOC 2 Type II certification across the following Trust Service Criteria:

Security

Protection of system resources against unauthorized access. Includes firewall management, intrusion detection, multi-factor authentication, and encryption controls.

Availability

Systems are available for operation and use as committed. Includes performance monitoring, disaster recovery, incident handling, and infrastructure redundancy.

Processing Integrity

System processing is complete, valid, accurate, timely, and authorized. Our 5-gate safety system and Decision Journal ensure every autonomous action meets these criteria.

Confidentiality

Information designated as confidential is protected as committed. Includes data classification, encryption, access controls, and secure data disposal.

Current Status & Timeline

Readiness Assessment

Completed

Gap analysis and readiness assessment completed. Controls mapped to SOC 2 Trust Service Criteria with remediation plan established.

Control Implementation

Completed

All required security controls, policies, and procedures implemented and documented. Employee training completed.

3

Audit Observation Period

In Progress

Independent auditor is currently evaluating the operating effectiveness of our controls over the observation period. This phase typically runs 6-12 months.

4

Report Issuance

Upcoming

Upon successful completion of the observation period, the independent auditor will issue the SOC 2 Type II report.

5

Continuous Compliance

Planned

Ongoing annual audits to maintain SOC 2 Type II certification with continuous monitoring and improvement.

What This Means for Our Customers

Independent

Third-party validation that our security claims are real — not just marketing promises.

Continuous

Type II evaluates controls over time, proving sustained commitment — not just a snapshot.

Transparent

The report is available to customers under NDA, providing full visibility into our controls.

Interim Security Documentation

While our SOC 2 Type II certification is in progress, we provide comprehensive security documentation to address your due diligence requirements:

  • Detailed Security & Compliance documentation
  • Data Processing Agreement with HIPAA BAA provisions
  • Privacy Policy detailing our data handling practices
  • Security questionnaire responses (available upon request)
  • Infrastructure architecture overview (available under NDA)
  • Penetration test summary (available under NDA)

Questions?

For questions about our SOC 2 certification progress, to request our current security documentation, or for any compliance-related inquiries, please contact us: