Kedify Achieves SOC 2 Type II Certification!
Learn more about our commitment to security
All Posts
Kedify Achieves SOC 2 Type II Certification
by Zbynek Roubalik
January 06, 2026
Introduction
We’re excited to announce that Kedify has successfully achieved SOC 2 Type II certification.
This certification validates that Kedify meets rigorous industry standards for Security and Availability, and that our controls operate effectively over time. For teams running critical, production Kubernetes workloads, this provides independent assurance that Kedify is built and operated with trust, resilience, and protection in mind.
What Is SOC 2 Type II?
SOC 2 is an independent compliance framework established by the American Institute of Certified Public Accountants (AICPA). It evaluates how service providers design and operate controls to safeguard customer systems and data.
Kedify’s SOC 2 Type II report covers the following Trust Service Criteria:
- Security – protecting systems against unauthorized access and threats
- Availability – ensuring systems are reliable and accessible as committed
A Type II assessment evaluates the ongoing operational effectiveness of these controls across a defined audit period, providing confidence that security and availability practices are consistently followed in real-world operation.
Why This Matters
For Kedify customers, SOC 2 Type II certification means:
- Stronger security assurances for autoscaling and event-driven workloads
- Proven availability controls supporting reliable production operations
- Independent validation of Kedify’s operational maturity
Whether you’re scaling APIs, background workers, or mission-critical services, this certification helps reduce risk and simplifies internal compliance reviews.
Our Journey to SOC 2 Type II
Achieving SOC 2 Type II was a company-wide effort across engineering, security, operations, and leadership.
We use Drata to continuously monitor controls and evidence, embedding compliance directly into our day-to-day workflows. Our independent audit was conducted by Sensiba, who assessed both the design and operational effectiveness of Kedify’s controls over the audit period.
The scope of the audit included:
- Identity and access management
- Infrastructure and cloud security
- Change management and deployment practices
- Monitoring, incident response, and availability safeguards
- Vendor and risk management
This process strengthens not only our compliance posture, but also the reliability and security of the Kedify platform itself.
What’s Next for Kedify?
SOC 2 Type II is an important milestone, but it’s part of a broader, ongoing commitment.
We will continue to invest in:
- Enhancing security and availability controls
- Improving operational observability and resilience
- Raising the standard for production-grade autoscaling
Our goal is to make Kedify a platform customers can confidently rely on for their most critical workloads.
Run autoscaling with confidence
Build and scale on a secure, highly available Kedify platform.
Get StartedAccessing Our SOC 2 Report
Customers and prospective customers can request Kedify’s SOC 2 Type II report by contacting our team directly. If you have questions about our security or availability practices, we’re always happy to discuss them.
Built by the core maintainers of KEDA. Designed for production. Trusted at scale.
