← Back to blog

Peripheral is now SOC 2 Type II Certified

SOC 2 Type II

Back in November, I shared that Peripheral had achieved SOC 2 Type I certification. Today, I’m happy to close that loop: Peripheral is officially SOC 2 Type II certified.

If Type I proves your controls are designed correctly, Type II proves they actually work consistently over time. An external auditor reviewed our operations across the entire audit period—covering access management, change control, security monitoring, and incident response.

The result? A clean report with zero exceptions found.

What it took

For a lean team where everyone wears multiple hats, this was a massive undertaking:

  • Months of rigorous evidence collection.
  • Hundreds of screenshots and system walkthroughs.
  • Full-scale documentation of every internal process.

I’m incredibly proud of how the team maintained our pace of innovation while upholding these rigorous security standards.

Why it matters

SOC 2 isn’t a badge we chase for marketing; it’s a reflection of our culture. Going through Type II forced us to look honestly at how our controls perform in practice.

For the enterprise teams evaluating Peripheral, this means:

  • Faster Procurement: A shorter path through security reviews.
  • Verified Data Safety: Third-party proof of how we handle your most sensitive information.

You can find the full report and our real-time security posture in our Trust Center.

What’s next

Compliance isn’t a finish line; it’s a baseline. We will maintain our Type II certification annually, ensuring that as Peripheral grows, our security grows with it.

Back to work.

More From Our Blog