AI Provider Trust Registry evidence verified as of 2026-07-05

Registry / SOC 2 Type II

Which AI providers have SOC 2 Type II?

SOC 2 Type II report availability, and how each report is gated, across major AI model offerings. The cell answers: Is a SOC 2 Type II report available for this offering? Statuses below are evidence grades, not endorsements, “no public evidence” means we could not verify it from public sources, not that the answer is no.

OpenAI API first-party API
Yes, sales-gated confidence: high · verified 2026-07-05

Trust portal publicly attests a SOC 2 Type 2 report covering Security, Availability, Confidentiality and Privacy TSC for the API Platform. The report itself is gated: "Customers with active trust.openai.com accounts can access the latest report under 'Documents.'"

source · full cell

Azure OpenAI Service OpenAI model, served by Microsoft Azure
Yes, sales-gated confidence: high · verified 2026-07-05

Two-level rule: this is Azure's (the serving platform's) SOC 2 Type 2 attestation, not OpenAI's. Microsoft publicly documents the Azure SOC 2 Type 2 attestation; the report itself is gated behind Service Trust Portal sign-in (Microsoft account with services agreement). Service-level confirmation that Azure OpenAI / Microsoft Foundry is in audit scope is in the report's scope appendix and the "Microsoft Azure Compliance Offerings" STP document (also gated), so scope inclusion was not independently re-verified from a public page.

source · full cell

Anthropic API first-party API
Yes, public confidence: high · verified 2026-07-05

Anthropic's official help-center certifications page publicly states "SOC 2 Type I & Type II" for commercial products "such as Claude for Work and the Anthropic API". The report itself is not a public download; copies are requested via the Trust Portal (trust.anthropic.com), which uses an access-request/NDA flow.

source · full cell

Claude via AWS Bedrock Anthropic model, served by AWS Bedrock
Yes, public confidence: high · verified 2026-07-05

Two-level rule: this grades AWS (the serving platform), not Anthropic. Amazon Bedrock is listed with a checkmark on AWS's SOC services-in-scope page. The SOC 2 Type II report itself is retrieved self-serve via AWS Artifact (console, click-through confidentiality terms) rather than a public download.

source · full cell

Claude via Google Vertex AI Anthropic model, served by Google Cloud Vertex AI
Yes, public confidence: high · verified 2026-07-05

Google's services-in-scope page lists both "Vertex AI Platform" and "Generative AI on Vertex AI" as covered by Google Cloud's SOC 1/2/3 reports. SOC 2 Type II reports are downloadable self-serve via Google's Compliance Reports Manager (Google account required, no sales gate); SOC 3 is fully public. Scope is the Google Cloud platform level; the report does not attest Anthropic's own controls.

source · archived copy · full cell

Gemini via Vertex AI Google model, served by Google Cloud Vertex AI
Yes, public confidence: high · verified 2026-07-05

Google Cloud's services-in-scope page lists "Vertex AI Platform" and "Generative AI on Vertex AI" under SOC 1/2/3. SOC 2 reports are downloadable self-serve via Compliance Reports Manager (Google account sign-in required, no NDA or sales contact). Vertex AI was renamed "Gemini Enterprise Agent Platform" in 2026; newer pages use that name.

source · archived copy · full cell

AWS Bedrock (platform) platform row
Yes, public confidence: high · verified 2026-07-05

Amazon Bedrock is listed in scope for AWS SOC 1/2/3 reports, explicitly "excludes Amazon Bedrock Marketplace". The in-scope listing is public; the SOC 2 Type II report itself is retrieved self-serve via AWS Artifact (requires an AWS account, no sales contact).

source · archived copy · full cell

Mistral La Plateforme first-party API
Yes, sales-gated confidence: high · verified 2026-07-05

Help center states Mistral "complies with SOC 2 Type II and ISO 27001/27701 frameworks"; the report itself is not public and must be requested via the Trust Center (trust.mistral.ai/resources). Exact audit scope/period not publicly stated.

source · full cell

Mistral via Azure AI Mistral AI model, served by Microsoft Azure
Partial confidence: medium · verified 2026-07-05

Azure undergoes SOC 2 Type II audits and Microsoft's Foundry data-privacy doc states serverless model deployments "are subject to Azure data, privacy, and security commitments." However, the service-level audit scope (Appendices A/B of the Azure Compliance Offerings document) is gated on the Service Trust Portal, and public docs do not explicitly confirm that third-party Foundry model hosting (Mistral serverless / Foundry Models) is inside the audited boundary. Models from partners and community are "Non-Microsoft Products" under the Product Terms. Two-level rule - this cell describes the serving platform (Microsoft Azure), not Mistral AI's own SOC 2.

source · full cell

Cohere API Cohere model, served by Cohere (first-party)
Yes, sales-gated confidence: high · verified 2026-07-05

Trust center states Cohere undergoes an annual SOC 2 Type II audit; obtaining the report requires a signed mutual NDA via the trust center. cohere.com/security also states the API platform is SOC 2 Type II compliant.

source · full cell

Cohere via AWS Bedrock Cohere model, served by AWS Bedrock
Yes, public confidence: high · verified 2026-07-05

Platform-level (AWS). The SOC services-in-scope list is public; the SOC 2 Type II report itself is retrieved via AWS Artifact, a self-serve portal with click-through confidentiality terms (no sales gate). Third-party model traffic on Bedrock runs inside AWS's audited boundary.

source · archived copy · full cell

Llama via AWS Bedrock Meta model, served by AWS Bedrock
Yes, public confidence: high · verified 2026-07-05

Two-level rule: this grades AWS (the serving platform), not Meta. Amazon Bedrock is listed with a checkmark on AWS's SOC services-in-scope page. The SOC 2 Type II report itself is retrieved self-serve via AWS Artifact (console, click-through confidentiality terms) rather than a public download.

source · archived copy · full cell

Llama via Azure AI Meta model, served by Microsoft Azure (Azure AI Foundry / Models-as-a-Service)
Yes, public confidence: medium · verified 2026-07-05

Two-level rule: this cell grades the serving platform (Microsoft Azure), not Meta. Azure holds an Azure-wide SOC 2 Type 2 attestation; reports are gated behind Service Trust Portal sign-in. Microsoft's model-catalog data privacy doc states serverless API (MaaS) deployments are "subject to Azure data, privacy, and security commitments" and the hosting is managed by the Azure Machine Learning service, but the per-service audit-scope list lives in a gated STP document, and public docs do not enumerate third-party MaaS model offerings (e.g. Llama) in the SOC 2 report scope. Confidence medium for that scope nuance.

source · archived copy · full cell

xAI API xAI model, served by xAI (first-party)
Yes, sales-gated confidence: high · verified 2026-07-05

xAI's API security FAQ states "We are SOC 2 Type 2 compliant." The report itself is not public: the FAQ directs customers with a signed NDA to the trust center (trust.x.ai) for certification details. Compliance claim is public; the Type II report is NDA-gated.

source · archived copy · full cell

DeepSeek API (first-party) first-party API
No public evidence confidence: high · verified 2026-07-05

No SOC 2 Type II report, attestation announcement, or audit-report request channel was found on deepseek.com, in the DeepSeek Open Platform Terms of Service, or in the privacy policy. Web searches for "DeepSeek SOC 2" surface only third-party resellers of DeepSeek models that hold their own SOC 2 reports, which do not cover this first-party offering.

no public source · full cell

DeepSeek via Fireworks AI DeepSeek model, served by Fireworks AI
Yes, sales-gated confidence: high · verified 2026-07-05

Fireworks' security docs state the platform is SOC 2 Type II compliant and that "documentation and audit reports are available in our Trust Center" (trust.fireworks.ai). The report itself is gated behind Trust Center access; the attestation of SOC 2 Type II status is public. This covers the Fireworks serving platform, not DeepSeek the developer.

source · archived copy · full cell