Announcing ScyllaDB 6.0 — True Elastic Scale | Learn More

ScyllaDB SOC 2 Compliance

Our System and Organization Controls (SOC) Reports are the results of independent third-party audits that evaluate how ScyllaDB Cloud accomplishes key compliance controls and objectives. The ScyllaDB SOC 2 Type II report will help you and your auditors understand the ScyllaDB Cloud controls established to support data security, availability, confidentiality, privacy, and more.

ScyllaDB’s SOC2 compliance includes mapping of the HIPAA Security Requirements to the Trust Services Security, Availability, and Confidentiality Principles and Criteria.


SOC stands for “System and Organization Controls.” A SOC 2 report is designed to provide assurances about the effectiveness of controls in place at a service organization that are relevant to the security, availability, or processing integrity of the system used to process clients’ information or the confidentiality or privacy of that information.

Companies that use cloud service providers use SOC 2 reports to assess and address the risks associated with third-party technology services. These reports are issued by independent third-party auditors.

ScyllaDB has a SOC 2 Type II report for the ScyllaDB Cloud offering. The report describes ScyllaDB’s security controls for ScyllaDB Cloud and examines the suitability and effectiveness of those controls to meet the AICPA Trust Service Principles. It provides an independent assessment of how well ScyllaDB Cloud manages data with respect to security, availability, processing integrity, confidentiality, and privacy.

The scope of the SOC 2 Type II report is ScyllaDB Cloud, our fully-managed database as a service.

The report covers all regions available or used in ScyllaDB Cloud services.

The ScyllaDB SOC 2 Type II report covers the period from September 2020 to March 2021. New reports are released bi-annually.

At ScyllaDB we take security seriously. An important aspect for our clients is that they can trust that we have taken all necessary measures to protect the information processed in our ScyllaDB Cloud service offering.

If you wish to be provided with the ScyllaDB SOC 2 Reports please contact us to begin the process. During this process you will be required to provide us certain guarantees, among other sign a Non-Disclosure Agreement, and to comply with additional terms which shall be provided to you by us.