Glossary

SOC 2 Type I vs Type II

Audit attesting that security controls are designed (I) or operating effectively (II).

Type I attests that controls were designed properly at a point in time. Type II attests that controls operated effectively over a 6–12 month observation window — much stronger. Production B2B procurement almost always wants Type II.

Keyboard shortcuts

?: Show this overlay
/: Focus the first form field
g h: Go to / (home)
g b: Go to /best-llm-for
g c: Go to /cost
g s: Go to /self-hosted
g x: Go to /compliance
Esc: Close any overlay

Inspired by Linear and GitHub conventions. The two-key sequences (g then h) work within ~1 second.