At CalypsoAI, trust isn’t just a promise, it’s a principle built into every layer of our platform. In January, we announced that we successfully completed our System and Organization Controls (SOC) 2 Type I Audit, validating that our security controls were properly designed and implemented at a point in time.

Today, we’re proud to share the next milestone: CalypsoAI has successfully completed its SOC 2 Type 2 audit. This certification demonstrates not only that our controls are well-designed, but also that they are operating effectively over time. In other words, we’ve moved from setup to proof, showing customers that our security, availability, confidentiality, processing integrity, and privacy controls hold up under sustained, independent evaluation.

SOC 2 is one of the most rigorous and respected standards in information security. It was developed by the American Institute of Certified Public Accountants (AICPA) to validate an organization’s internal controls across security, availability, confidentiality, processing integrity, and privacy. Completing this audit with Johanson Group affirms what our customers already experience—CalypsoAI was built from the ground up to protect enterprise AI where it matters most.

Why SOC2 Matters

Enterprises today face a new era of security challenges with risks that emerge not just from infrastructure, but from the behavior of GenAI itself. When in production, AI systems interact with sensitive data and make decisions in real time, introducing new risks at the inference layer. That’s where CalypsoAI operates.

• SOC 2 Type 1 validated that our controls were properly designed to meet the Trust Services Criteria.

• SOC 2 Type 2 goes further, confirming that those controls have been consistently followed and proven effective over an extended audit period.

For our customers, this means confidence not only that CalypsoAI has the right security controls in place, but also that those controls are continuously upheld in day-to-day operations.

Our Approach to Security

We didn’t wait for regulation to catch up to AI. CalypsoAI has always prioritized security at the point of use, combining:

• Real-time defense against prompt injection, jailbreaks, and data leaks via Inference Defend
• Autonomous red-teaming to uncover vulnerabilities before attackers do with Inference Red-Team
• Enterprise-grade observability and auditability through Inference Observe

Now, with SOC 2 Type 2 accreditation, our customers can trust that the platform powering these protections not only meets industry standards on paper but proves it in practice, every day.

Looking Ahead

Security is not a checkpoint, it’s a journey. With both SOC 2 Type 1 and Type 2 certifications achieved, CalypsoAI continues to lead with transparency, integrity, and operational excellence. We are also progressing toward ISO 27001 and additional global standards to ensure our platform remains the most trusted foundation for securing enterprise AI.