As organizations increasingly rely on AI-driven automation to operate modern cloud environments, trust, security, and reliability become non-negotiable. We’re proud to announce that AlertD has successfully completed its SOC 2 Type II examination, covering the Security, Availability, and Confidentiality Trust Services Criteria for the AlertD platform .
This independent attestation validates that AlertD’s controls are not only well-designed, but operated effectively over time, providing assurance to ISVs, mid-market companies, and enterprises alike.
Purpose-Built AI Agents for DevOps & SRE Teams
AlertD is an AI-powered, agentic platform designed for DevOps and Site Reliability Engineering (SRE) teams. Our AI agents enable teams to interact with their AWS environments using natural language—accelerating investigation, improving visibility, and reducing operational toil across security, compliance, cost management, and performance optimization use cases .
Because AlertD operates deeply inside customer cloud environments, security and trust are foundational requirements—not optional features.
What SOC 2 Type II Means
The SOC 2 Type II examination was conducted by an independent audit firm in accordance with AICPA attestation standards and evaluated AlertD’s controls over the period August 26, 2025 through November 26, 2025 .
Unlike SOC 2 Type I, which evaluates controls at a single point in time, SOC 2 Type II assesses whether controls operate effectively over an extended period. The auditors concluded that AlertD’s controls provided reasonable assurance that service commitments related to security, availability, and confidentiality were met throughout the review period .
Architecture Aligned with Modern Cloud Security Models
AlertD’s security posture is reinforced by an architectural approach that aligns with how modern ISVs, SaaS providers, and enterprises manage risk in AWS.
Rather than operating a centralized, multi-tenant SaaS environment, AlertD deploys directly into each customer’s own AWS account using version-controlled AWS CloudFormation templates. As a result:
- Customer data remains within customer-controlled AWS environments
- AlertD does not centrally store or persist customer production data
- Customers retain administrative ownership and control of infrastructure
- Data residency and shared-tenancy risks are minimized by design
This architecture was a core component of the SOC 2 Type II evaluation .
Security, Confidentiality, and Responsible AI Use
The SOC 2 Type II report evaluated AlertD’s controls against the AICPA Trust Services Criteria for Security, Availability, and Confidentiality, including controls related to:
- Role-based access control and least-privilege IAM enforcement
- Encryption of data in transit and at rest using AWS-native services
- Monitoring, logging, and audit trail generation
- Change management for application code and infrastructure templates
- Restricted, non-persistent access by AlertD personnel
AlertD integrates with customer-selected large language models (LLMs), including providers such as OpenAI, Anthropic, open-source models, and AWS Bedrock. AlertD does not train proprietary foundation models on customer data, and LLM interactions are governed by customer configuration and permissions .
Availability and Operational Reliability
The examination also validated AlertD’s operational controls supporting availability and reliability, including:
- AWS-native monitoring and alerting
- Documented incident response and escalation procedures
- Backup and recovery mechanisms within customer AWS accounts
- Formal change management and release processes
During the review period, auditors reported no significant service disruptions or security incidents impacting customers .
Shared Responsibility, Clearly Defined
AlertD’s SOC 2 scope clearly defines responsibilities across:
- AlertD (AI agents, platform software, deployment tooling, operational processes)
- AWS (physical security, data center operations, environmental protections)
- Customers (account governance, access supervision, internal continuity planning)
This clarity makes AlertD straightforward to assess within third-party risk management, vendor security reviews, and compliance programs across company sizes .
What This Means for Customers
For ISVs, growing mid-market teams, and enterprise organizations, AlertD’s SOC 2 Type II certification provides assurance that:
- Security controls are independently tested and validated over time
- AI-driven automation is built on a strong security foundation
- Customer data remains in customer-controlled AWS environments
- AlertD supports security reviews, audits, and compliance requirements
The SOC 2 Type II and SOC 3 reports were formally issued on January 12, 2026 .
Next Steps
Customers and prospects can request compliance documentation or schedule a security or architecture review by contacting AlertD directly. We welcome discussions with DevOps leaders, SRE teams, and security organizations as part of technical evaluations and procurement processes. AlertD is built to help DevOps and SRE teams move faster—with confidence.