Issue
I need the latest SOC 2 Report for a vendor assessment or security questionnaire.
Applies To
- All Sentry Customers
Resolution
Sentry provides a report to customers on our "System and Organization Controls Relevant to Security, Availability, and Confidentiality and Applicable HIPAA Security Rule Requirements". This report is available to be reviewed within the application under Settings -> Legal & Compliance.
Note: this page is only available to Billing and Owner members.
If you’re not currently a member of any org, the quickest and easiest option to access the SOC2 report is to create an org through https://sentry.io/signup/. Once it’s created, you can find the latest SOC 2 report under Settings → Legal & Compliance.
Alternatively, if you’d prefer not to use that path, you can request an org through the SafeBase portal here.
The dates on the SOC 2 report reflect the period which the company was evaluated (the audit period). Generally, 40-65 days after the end of the audit period the auditor will issue the report. The report we currently have was issued ~October 2025. Since we undergo audits on an annual cadence, you would expect to receive a new report ~October 2026.
Some other important details:
Supplying the evaluation dates on the cover sheet this way is common amongst auditing firms (e.g. it is uncommon to specify the period of the reports validity).
SOC 2 reports are valid for a period of 1 year from the end of the evaluation period.
SOC 2 bridge letters are also available in-app alongside the most recent SOC 2 report to cover the period between the end of the most recent reports validity and the issuing of the next report.
SOC 2 bridge letters are typically made available the January following the issuance of the SOC 2 report.
The SOC 2 report covers our whole infrastructure, which includes all plans (free Developer, Team, Business, and Enterprise). It does not cover self-hosted.